Back to search
CVE-2004-0985
Published: Oct 26, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in the Local Zone by HTML Help.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20041020 How to Break Windows XP SP2 + Internet Explorer 6 SP2
mailing-list
x_refsource_BUGTRAQ
20041020 How to Break Windows XP SP2 + Internet Explorer 6 SP2
mailing-list
x_refsource_NTBUGTRAQ
ie-anchorclick-command-execution(17824)
vdb-entry
x_refsource_XF
20041020 Re: How to Break Windows XP SP2 + Internet Explorer 6 SP2
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now