CyberSec.Space Logo
Back to CVE Browser

CVE-2004-1050

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1210%
EPSS Percentile7.91th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."

Affected Platforms (CPE)

πŸ“¦
Avaya

Ip600 Media Servers

All versions
πŸ“¦
Avaya

Ip600 Media Servers

= r6
πŸ“¦
Avaya

Ip600 Media Servers

= r7
πŸ“¦
Avaya

Ip600 Media Servers

= r8
πŸ“¦
Avaya

Ip600 Media Servers

= r9
πŸ“¦
Avaya

Ip600 Media Servers

= r10
πŸ“¦
Avaya

Ip600 Media Servers

= r11
πŸ“¦
Avaya

Ip600 Media Servers

= r12
πŸ“¦
Microsoft

Ie

= 6.0
πŸ“¦
Microsoft

Internet Explorer

= 6.0
πŸ”Œ
Avaya

Definity One Media Server

All versions
πŸ”Œ
Avaya

Definity One Media Server

= r6
πŸ”Œ
Avaya

Definity One Media Server

= r7
πŸ”Œ
Avaya

Definity One Media Server

= r8
πŸ”Œ
Avaya

Definity One Media Server

= r9
πŸ”Œ
Avaya

Definity One Media Server

= r10
πŸ”Œ
Avaya

Definity One Media Server

= r11
πŸ”Œ
Avaya

Definity One Media Server

= r12
πŸ”Œ
Avaya

S3400

All versions
πŸ”Œ
Avaya

S8100

All versions
πŸ”Œ
Avaya

S8100

= r6
πŸ”Œ
Avaya

S8100

= r7
πŸ”Œ
Avaya

S8100

= r8
πŸ”Œ
Avaya

S8100

= r9
πŸ”Œ
Avaya

S8100

= r10
πŸ”Œ
Avaya

S8100

= r11
πŸ”Œ
Avaya

S8100

= r12
πŸ’»
Avaya

Modular Messaging Message Storage Server

= s3400

References & Advisories

πŸ”— http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028009.html
πŸ”— http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028035.html
πŸ”— http://marc.info/?l=bugtraq&m=109942758911846&w=2
πŸ”— http://secunia.com/advisories/12959/
πŸ”— http://www.kb.cert.org/vuls/id/842160
πŸ”— http://www.securityfocus.com/archive/1/379261
πŸ”— http://www.securityfocus.com/bid/11515
πŸ”— http://www.us-cert.gov/cas/techalerts/TA04-315A.html

Related Vulnerabilities

CVE-2004-039110.0

Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded use...

CVE-2004-040110.0

Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions.

CVE-2004-044410.0

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal F...

CVE-2004-042010.0

The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows ...