CyberSec.Space Logo
CVEブラウザに戻る

CVE-2004-1050

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1210%
EPSS Percentile7.91th
Published2004年12月31日
Last Modified2026年4月16日

Vulnerability Description

Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."

Affected Platforms (CPE)

📦
Avaya

Ip600 Media Servers

All versions
📦
Avaya

Ip600 Media Servers

= r6
📦
Avaya

Ip600 Media Servers

= r7
📦
Avaya

Ip600 Media Servers

= r8
📦
Avaya

Ip600 Media Servers

= r9
📦
Avaya

Ip600 Media Servers

= r10
📦
Avaya

Ip600 Media Servers

= r11
📦
Avaya

Ip600 Media Servers

= r12
📦
Microsoft

Ie

= 6.0
📦
Microsoft

Internet Explorer

= 6.0
🔌
Avaya

Definity One Media Server

All versions
🔌
Avaya

Definity One Media Server

= r6
🔌
Avaya

Definity One Media Server

= r7
🔌
Avaya

Definity One Media Server

= r8
🔌
Avaya

Definity One Media Server

= r9
🔌
Avaya

Definity One Media Server

= r10
🔌
Avaya

Definity One Media Server

= r11
🔌
Avaya

Definity One Media Server

= r12
🔌
Avaya

S3400

All versions
🔌
Avaya

S8100

All versions
🔌
Avaya

S8100

= r6
🔌
Avaya

S8100

= r7
🔌
Avaya

S8100

= r8
🔌
Avaya

S8100

= r9
🔌
Avaya

S8100

= r10
🔌
Avaya

S8100

= r11
🔌
Avaya

S8100

= r12
💻
Avaya

Modular Messaging Message Storage Server

= s3400

References & Advisories

🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028009.html
🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/028035.html
🔗 http://marc.info/?l=bugtraq&m=109942758911846&w=2
🔗 http://secunia.com/advisories/12959/
🔗 http://www.kb.cert.org/vuls/id/842160
🔗 http://www.securityfocus.com/archive/1/379261
🔗 http://www.securityfocus.com/bid/11515
🔗 http://www.us-cert.gov/cas/techalerts/TA04-315A.html

関連する脆弱性情報

CVE-2004-176010.0

The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not ...

CVE-2004-058610.0

acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary code via the (1) DownLoadURL, (2) SaveFilePath, and (3) Dow...

CVE-2004-106710.0

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may al...

CVE-2004-129910.0

Buffer overflow in the get_attr function in html.c for vilistextum 2.6.6 allows remote attackers to execute arbitrary code via a c...