Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2004-0526

Published: 06/08/2004 Updated: 23/07/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Microsoft

Vulnerability Summary

Unknown versions of Internet Explorer and Outlook allow remote malicious users to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet explorer 5.0

microsoft internet explorer 5.0.1

microsoft ie 6.0

microsoft outlook 2000

microsoft outlook 2002

microsoft outlook 2003

microsoft outlook express 4.72.3612

microsoft outlook express 5.0

microsoft internet explorer 5.5

microsoft internet explorer 6.0

microsoft outlook express 4.27.3110

microsoft outlook express 4.72.2106

microsoft outlook express 4.72.3120.0

microsoft outlook 97

microsoft outlook 98

microsoft outlook express 5.0.1

microsoft outlook express 5.5

microsoft outlook express 4.0

microsoft outlook express 4.01

microsoft outlook express 6.0

Exploits

Exploit DB: Microsoft Internet Explorer 4/5/6 - Embedded Image URI Obfuscation
source: wwwsecurityfocuscom/bid/10308/info It has been reported that Microsoft Internet Explorer is prone to a URI obfuscation weakness that may hide the true contents of a URI link The issue occurs when an image is contained within a properly formatted HREF tag This weakness could be employed to trick a user into following a malicious ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/10308http://archives.neohapsis.com/archives/bugtraq/2004-05/0161.htmlhttp://www.kurczaba.com/securityadvisories/0405132poc.htmhttp://marc.info/?l=bugtraq&m=108422905510713&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/16102https://nvd.nist.govhttps://www.exploit-db.com/exploits/24102/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook