CVE-2004-2219

2005-07-1704:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

Low

0.597 Medium

EPSS

Percentile

97.8%

JSON

Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake.

References

archives.neohapsis.com/archives/bugtraq/2004-08/0215.html

secunia.com/advisories/12304

securitytracker.com/id?1010957

umbrella.name/originalvuln/msie/NullyFake/nullyfake-content.txt

www.osvdb.org/8978

exchange.xforce.ibmcloud.com/vulnerabilities/17007