Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2004-0985
HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-0985

2004-12-3105:00:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
21
cve-2004-0985
internet explorer
windows xp
sp2
remote code execution
adodb
html help

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.05 Low

EPSS

Percentile

92.8%

JSON

Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in the Local Zone by HTML Help.

CPENameOperatorVersion
microsoft:iemicrosoft ieeq6.0

Related

cert 1
securityvulns 2
cert
cert
Microsoft Internet Explorer HTML Help control bypasses Local Machine Zone Lockdown
2004-12-22 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS05-008 Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)
2005-02-08 00:00:00
Microsoft Security Bulletin MS05-014 Cumulative Security Update for Internet Explorer (867282)
2005-02-09 00:00:00

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.05 Low

EPSS

Percentile

92.8%

JSON
Related for CVE-2004-0985
cert1securityvulns2