CVE-2004-0549
First published: Tue Jun 15 2004(Updated: )
The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Internet Explorer | ||
| Internet Explorer | =5.01 | |
| Internet Explorer | =5.5 | |
| Internet Explorer | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.us-cert.gov/cas/techalerts/TA04-163A.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0031.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0104.html
- http://62.131.86.111/analysis.htm
- http://umbrella.name/originalvuln/msie/InsiderPrototype/
- http://www.us-cert.gov/cas/techalerts/TA04-212A.html
- http://www.kb.cert.org/vuls/id/713878
- http://www.us-cert.gov/cas/techalerts/TA04-184A.html
- http://marc.info/?l=bugtraq&m=108786396622284&w=2
- http://marc.info/?l=bugtraq&m=108852642021426&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16348
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A519
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A241
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A207
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1133
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-025
Frequently Asked Questions
What is the severity of CVE-2004-0549?
CVE-2004-0549 is classified as critical due to its potential for remote code execution.
How do I fix CVE-2004-0549?
To mitigate CVE-2004-0549, it is recommended to upgrade to a newer version of Internet Explorer or apply security patches provided by Microsoft.
What versions of Internet Explorer are affected by CVE-2004-0549?
CVE-2004-0549 affects Internet Explorer versions 5.01, 5.5, and 6.0.
What kind of attacks can exploit CVE-2004-0549?
CVE-2004-0549 can be exploited by attackers to execute arbitrary code in the local security context using the affected method.
What is the cause of CVE-2004-0549?
CVE-2004-0549 is caused by vulnerabilities in the WebBrowser ActiveX control and the MSHTML engine in Internet Explorer.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/internet explorer
- version/internet explorer/5.01
- version/internet explorer/5.5
- version/internet explorer/6.0