CVE-2004-1050 Information

Feb 14, 2021 cve

Description

Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME FRAME and EMBED elements as originally discovered using the mangleme utility aka \the IFRAME vulnerability\ or the \HTML Elements Vulnerability.\

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028009.html http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028035.html http://marc.info/?l=bugtraq&m=109942758911846&w=2 http://secunia.com/advisories/12959/ http://www.kb.cert.org/vuls/id/842160 http://www.securityfocus.com/archive/1/379261 http://www.securityfocus.com/bid/11515 http://www.us-cert.gov/cas/techalerts/TA04-315A.html http://www.us-cert.gov/cas/techalerts/TA04-336A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-040 https://exchange.xforce.ibmcloud.com/vulnerabilities/17889 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1294

Share on: