CVE-2004-1050
published 2004-12-31CVE-2004-1050: Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME…
critical10CVSS 3.1
AVNACLAuNCCICAC
EXPLOIT
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| avaya | definity_one_media_server | — | — |
| avaya | definity_one_media_server | — | — |
| avaya | definity_one_media_server | — | — |
| avaya | definity_one_media_server | — | — |
| avaya | definity_one_media_server | — | — |
| avaya | definity_one_media_server | — | — |
| avaya | definity_one_media_server | — | — |
| avaya | ip600_media_servers | — | — |
| avaya | ip600_media_servers | — | — |
| avaya | ip600_media_servers | — | — |
| avaya | ip600_media_servers | — | — |
| avaya | ip600_media_servers | — | — |
| avaya | ip600_media_servers | — | — |
| avaya | ip600_media_servers | — | — |
| avaya | modular_messaging_message_storage_server | — | — |
| avaya | s8100 | — | — |
| avaya | s8100 | — | — |
| avaya | s8100 | — | — |
| avaya | s8100 | — | — |
| avaya | s8100 | — | — |
| avaya | s8100 | — | — |
| avaya | s8100 | — | — |
| microsoft | ie | — | — |
| microsoft | internet_explorer | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vulncheck10.0CRITICAL