7.5

CVE-2004-0727

EPSS 64.05%
Published 27.07.2004 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 16

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version6.0.2800.1106

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	64.05%	0.983

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://freehost07.websamba.com/greyhats/similarmethodnameredir.htm

http://marc.info/?l=bugtraq&m=108966512815373&w=2

http://secunia.com/advisories/12048

http://www.kb.cert.org/vuls/id/207264

US Government Resource

http://www.us-cert.gov/cas/techalerts/TA04-293A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038

https://exchange.xforce.ibmcloud.com/vulnerabilities/16681

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4702

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6829

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7084

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7448

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7496

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7906

https://nvd.nist.gov/vuln/detail/CVE-2004-0727

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0727

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0727

EUVD