Lucene search

[email protected]CVE-2004-2219

HistoryJul 17, 2005 - 4:00 a.m.

CVE-2004-2219

2005-07-1704:00:00

[email protected]

web.nvd.nist.gov

microsoft

internet explorer

phishing

cve-2004-2219

nullyfake

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6.6 Medium

AI Score

Confidence

High

0.597 Medium

EPSS

Percentile

97.8%

JSON

Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake.

Affected configurations

NVD

Node

microsoftieMatch6.0sp1

microsoftinternet_explorerMatch5.01

microsoftinternet_explorerMatch5.5

microsoftinternet_explorerMatch6.0

CPENameOperatorVersion
microsoft:iemicrosoft ieeq6.0
microsoft:internet_explorermicrosoft internet explorereq5.01
microsoft:internet_explorermicrosoft internet explorereq5.5
microsoft:internet_explorermicrosoft internet explorereq6.0

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	6.0
microsoft:internet_explorer	microsoft internet explorer	eq	5.01
microsoft:internet_explorer	microsoft internet explorer	eq	5.5
microsoft:internet_explorer	microsoft internet explorer	eq	6.0

References

archives.neohapsis.com/archives/bugtraq/2004-08/0215.html

secunia.com/advisories/12304

securitytracker.com/id?1010957

umbrella.name/originalvuln/msie/NullyFake/nullyfake-content.txt

www.osvdb.org/8978

exchange.xforce.ibmcloud.com/vulnerabilities/17007

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6.6 Medium

AI Score

Confidence

High

0.597 Medium

EPSS

Percentile

97.8%

JSON

Related for CVE-2004-2219

cvelist1 checkpoint_advisories1 nvd1