CVE-2004-0841 Information

Description

Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window aka \HijackClick 3\ and the \Script in Image Tag File Download Vulnerability.\

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0498.html http://secunia.com/advisories/12048 http://securitytracker.com/id?1010679 http://www.kb.cert.org/vuls/id/413886 http://www.osvdb.org/7774 http://www.securityfocus.com/archive/1/368652 http://www.securityfocus.com/archive/1/368666 http://www.securityfocus.com/bid/10690 http://www.us-cert.gov/cas/techalerts/TA04-293A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038 https://exchange.xforce.ibmcloud.com/vulnerabilities/16675 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2611 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A4363 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5620 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6031 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6048 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A8077