Back to search
CVE-2004-1050
Published: Nov 18, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#842160
third-party-advisory
x_refsource_CERT-VN
20041023 python does mangleme (with IE bugs!)
mailing-list
x_refsource_FULLDISC
MS04-040
vendor-advisory
x_refsource_MS
20041102 MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC
mailing-list
x_refsource_BUGTRAQ
11515
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:1294
vdb-entry
signature
x_refsource_OVAL
20041025 python does mangleme (with IE bugs!)
mailing-list
x_refsource_FULLDISC
TA04-315A
third-party-advisory
x_refsource_CERT
ie-iframe-src-name-bo(17889)
vdb-entry
x_refsource_XF
12959
third-party-advisory
x_refsource_SECUNIA
20041024 python does mangleme (with IE bugs!)
mailing-list
x_refsource_BUGTRAQ
TA04-336A
third-party-advisory
x_refsource_CERT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now