Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:34AD568B0EBA5C6E5DC9D6FCB774DA75
HistoryMay 03, 2006 - 12:00 a.m.

Internet Explorer IFRAME buffer overflow

2006-05-0300:00:00
SAINT Corporation
download.saintcorporation.com
12

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.927 High

EPSS

Percentile

98.8%

JSON

Added: 05/03/2006
CVE: CVE-2004-1050
BID: 11515
OSVDB: 11337

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.

Problem

A buffer overflow when processing the **name** attribute in an **IFRAME** tag allows command execution when a malformed web page is loaded.

Resolution

Apply the update referenced in Microsoft Security Bulletin 04-040 or a later cumulative Internet Explorer update.

References

<http://www.kb.cert.org/vuls/id/842160&gt;

Limitations

Exploit works on Internet Explorer 6. Exploitation requires a user to load the exploit into Internet Explorer.

Platforms

Windows

Related

checkpoint_advisories 3
cve 1
saint 3
myhack58 1
openvas 2
securityvulns 1
cert 1
nessus 2
checkpoint_advisories
checkpoint_advisories
Internet Explorer Malformed IFRAME Buffer Overflow (MS04-040) - Ver2 (CVE-2004-1050)
2014-12-28 00:00:00
Internet Explorer Malformed IFRAME Buffer Overflow (MS04-040; CVE-2004-1050)
2011-04-27 00:00:00
Internet Explorer Malformed IFRAME Buffer Overflow - ver 2 (CVE-2004-1050)
2016-06-30 00:00:00
cve
cve
CVE-2004-1050
2004-12-31 05:00:00
saint
saint
Internet Explorer IFRAME buffer overflow
2006-05-03 00:00:00
Internet Explorer IFRAME buffer overflow
2006-05-03 00:00:00
Internet Explorer IFRAME buffer overflow
2006-05-03 00:00:00
myhack58
myhack58
IE browser vulnerability integrated use of technology: the heap spray techniques-vulnerability warning-the black bar safety net
2017-03-25 00:00:00
openvas
openvas
Bofra Virus Detection
2005-11-03 00:00:00
Bofra Virus Detection
2005-11-03 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS04-040 Cumulative Security Update for Internet Explorer &#40;889293&#41;
2004-12-02 00:00:00
cert
cert
Microsoft Internet Explorer vulnerable to buffer overflow via FRAME and IFRAME elements
2004-11-03 00:00:00
nessus
nessus
MS04-040: Cumulative Security Update for Internet Explorer (889293)
2004-12-01 00:00:00
Microsoft IE FRAME/IFRAME/EMBED Tag Overflow (Bofra Worm Detection)
2004-11-17 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.927 High

EPSS

Percentile

98.8%

JSON
Related for SAINT:34AD568B0EBA5C6E5DC9D6FCB774DA75
checkpoint_advisories3cve1saint3myhack581openvas2securityvulns1cert1nessus2