Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0727Microsoft Internet Explorer vulnerability

4 documents4 sources
Severity
7.5HIGHNVD
EPSS
57.6%
top 1.83%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedJul 27
Latest updateApr 29

Description

Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/internet_explorer6.0.2800.1106

🔴Vulnerability Details

2
GHSA
GHSA-j84g-hfg4-3cpg: Microsoft Internet Explorer 62022-04-29
VulnCheck
Microsoft Internet Explorer Similar Method Name Redirection Cross Domain Vulnerability2004

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5.0.1 - JavaScript Method Assignment Cross-Domain Scripting2004-07-12
CVE-2004-0727 — Microsoft vulnerability | cvebase