QwikSec

Security Database

CVE

CWE

Training

CVE-2004-0727

Published: Jul 23, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://freehost07.websamba.com/greyhats/similarmethodnameredir.htm

x_refsource_MISC

oval:org.mitre.oval:def:7448

vdb-entry

signature

x_refsource_OVAL

oval:org.mitre.oval:def:7496

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_CERT-VN

vendor-advisory

x_refsource_MS

oval:org.mitre.oval:def:4702

vdb-entry

signature

x_refsource_OVAL

oval:org.mitre.oval:def:7906

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_CERT

ie-function-redirect-xss(16681)

vdb-entry

x_refsource_XF

oval:org.mitre.oval:def:6829

vdb-entry

signature

x_refsource_OVAL

20040711 MSIE Similar Method Name Redirection Cross Site/Zone Scripting

mailing-list

x_refsource_BUGTRAQ

oval:org.mitre.oval:def:7084

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.