CVE-2004-0727
7.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.077 Low
EPSS
Percentile
94.1%
Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the “Similar Method Name Redirection Cross Domain Vulnerability.”
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft:internet_explorer | microsoft internet explorer | eq | 6.0.2800.1106 |
References
freehost07.websamba.com/greyhats/similarmethodnameredir.htm
marc.info/?l=bugtraq&m=108966512815373&w=2
secunia.com/advisories/12048
www.kb.cert.org/vuls/id/207264
www.us-cert.gov/cas/techalerts/TA04-293A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038
exchange.xforce.ibmcloud.com/vulnerabilities/16681
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4702
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6829
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7084
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7448
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7496
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7906
Related
7.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.077 Low
EPSS
Percentile
94.1%