Back to search
CVE-2004-0839
Published: Sep 14, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:7721
vdb-entry
signature
x_refsource_OVAL
10973
vdb-entry
x_refsource_BID
20040824 What A Drag! -revisited-
mailing-list
x_refsource_BUGTRAQ
MS04-038
vendor-advisory
x_refsource_MS
oval:org.mitre.oval:def:6272
vdb-entry
signature
x_refsource_OVAL
20040818 What A Drag II XP SP2
mailing-list
x_refsource_FULLDISC
oval:org.mitre.oval:def:2073
vdb-entry
signature
x_refsource_OVAL
20040818 What A Drag II XP SP2
mailing-list
x_refsource_BUGTRAQ
TA04-293A
third-party-advisory
x_refsource_CERT
oval:org.mitre.oval:def:4152
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:3773
vdb-entry
signature
x_refsource_OVAL
VU#526089
third-party-advisory
x_refsource_CERT-VN
ie-dragdrop-code-execution(17044)
vdb-entry
x_refsource_XF
oval:org.mitre.oval:def:1563
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now