CVE-2004-2219Microsoft IE vulnerability

3 documents3 sources
Severity
2.6LOWNVD
EPSS
15.1%
top 5.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedDec 31
Latest updateApr 29

Description

Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

NVDmicrosoft/internet_explorer5.01, 5.5, 6.0+2
NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-6h6g-c44w-h3r2: Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI,2022-04-29
CVEList
CVE-2004-2219: Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI,2005-07-17
CVE-2004-2219 — Microsoft IE vulnerability | cvebase