10

CVE-2004-0420

Exploit

EPSS 55.06%
Published 07.07.2004 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP.

Affected products Warnungen 0 Metrics 2 CWE 0 References 17

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Ie Version6.0 Updatesp1

Microsoft ≫ Internet Explorer Version6.0

Microsoft ≫ Internet Explorer Version6.0.2800.1106

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	55.06%	0.978

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://www.us-cert.gov/cas/techalerts/TA04-196A.html

US Government Resource

http://secunia.com/advisories/10736/

http://www.kb.cert.org/vuls/id/106324

US Government Resource

http://www.security-express.com/archives/bugtraq/2004-01/0300.html

http://www.securityfocus.com/archive/1/351379

Vendor Advisory

Exploit

http://www.securityfocus.com/bid/9510

Vendor Advisory

Exploit

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-024

https://exchange.xforce.ibmcloud.com/vulnerabilities/14964

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2245

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2381

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2894

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3386

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3533

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3604

https://nvd.nist.gov/vuln/detail/CVE-2004-0420

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0420

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0420

EUVD