CVE-2004-0844 — Microsoft IE vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

66.7%

top 1.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE

Timeline

PublishedNov 3

Latest updateApr 29

Description

Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability."

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/ie6

Patches

Patch: www.kb.cert.org ↗Patch: www.us-cert.gov ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-qjxg-74xq-6x87: Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL↗2022-04-29

▶

CVEList

CVE-2004-0844: Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL↗2004-10-16

▶