CVE-2004-0979 — Microsoft Internet Explorer vulnerability

3 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

3.2%

top 12.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE Microsoft Internet Explorer

Timeline

PublishedDec 31

Latest updateApr 29

Description

Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/internet_explorer6.0

▶NVDmicrosoft/ie6.0

🔴Vulnerability Details

GHSA

GHSA-4w63-xccq-vfcg: Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Pr↗2022-04-29

▶

CVEList

CVE-2004-0979: Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Pr↗2004-10-21

▶