CVE-2004-0845 — Microsoft Internet Explorer vulnerability

3 documents3 sources

Severity

6.4MEDIUMNVD

EPSS

39.0%

top 2.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE Microsoft Internet Explorer

Timeline

PublishedNov 3

Latest updateApr 29

Description

Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

▶NVDmicrosoft/internet_explorer5.01, 5.5+1

▶NVDmicrosoft/ie6

Patches

Patch: www.kb.cert.org ↗Patch: www.us-cert.gov ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-8c8w-44vm-45hw: Internet Explorer 5↗2022-04-29

▶

CVEList

CVE-2004-0845: Internet Explorer 5↗2004-10-16

▶