CVE-2004-0985Microsoft IE vulnerability

11 documents6 sources
Severity
10.0CRITICALNVD
EPSS
41.5%
top 2.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft IE
Timeline
PublishedDec 31
Latest updateApr 29

Description

Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in the Local Zone by HTML Help.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-w73v-gw8h-8683: Internet Explorer 62022-04-29
CVEList
CVE-2004-0985: Internet Explorer 62004-10-26

💥Exploits & PoCs

4
Exploit-DB
Linux Kernel 2.2.25/2.4.24/2.6.2 - 'mremap()' Validator2004-02-18
Exploit-DB
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation2004-01-15
Exploit-DB
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (2)2004-01-07
Exploit-DB
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (1)2004-01-06

📋Vendor Advisories

2
Red Hat
security flaw2004-02-18
Red Hat
security flaw2004-01-05

💬Community

2
Bugzilla
CVE-2003-0985 security flaw2018-08-16
Bugzilla
CVE-2004-0077 security flaw2018-08-16