CVE-2004-0842
Microsoft Internet Explorer 5.0.1 - Style Tag Comment Memory Corruption
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability."
Internet Explorer 6.1 SP1 y anteriores, y posiblemente otras versiones, permiten a atacantes remotos causar una denegación de servicio (caída de aplicación por "corrupción de memoria") mediante ciertos elementos de Hoja de Estilos en Cascada (CSS), como se ha demostrado usanto la cadena "<STYLE>@;/*", posiblemente debido a un terminador de comentario ausente que puede causar una longitud inválida que dispare una operación de copia de memoria grande.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-07-08 First Exploit
- 2004-09-08 CVE Reserved
- 2004-09-14 CVE Published
- 2024-08-08 CVE Updated
- 2024-09-29 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (18)
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/24328 | 2004-07-08 | |
| http://www.ecqurity.com/adv/IEstyle.html | 2024-08-08 | |
| http://www.securityfocus.com/bid/10816 | 2024-08-08 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038 | 2021-07-23 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Avaya Search vendor "Avaya" | Ip600 Media Servers Search vendor "Avaya" for product "Ip600 Media Servers" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Ie Search vendor "Microsoft" for product "Ie" | 6.0 Search vendor "Microsoft" for product "Ie" and version "6.0" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 5.0.1 Search vendor "Microsoft" for product "Internet Explorer" and version "5.0.1" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 5.0.1 Search vendor "Microsoft" for product "Internet Explorer" and version "5.0.1" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 5.0.1 Search vendor "Microsoft" for product "Internet Explorer" and version "5.0.1" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 5.0.1 Search vendor "Microsoft" for product "Internet Explorer" and version "5.0.1" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 5.0.1 Search vendor "Microsoft" for product "Internet Explorer" and version "5.0.1" | sp4 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 5.5 Search vendor "Microsoft" for product "Internet Explorer" and version "5.5" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 5.5 Search vendor "Microsoft" for product "Internet Explorer" and version "5.5" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 5.5 Search vendor "Microsoft" for product "Internet Explorer" and version "5.5" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6.0 Search vendor "Microsoft" for product "Internet Explorer" and version "6.0" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Definity One Media Server Search vendor "Avaya" for product "Definity One Media Server" | * | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | S3400 Search vendor "Avaya" for product "S3400" | * | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | S8100 Search vendor "Avaya" for product "S8100" | * | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Modular Messaging Message Storage Server Search vendor "Avaya" for product "Modular Messaging Message Storage Server" | 1.1 Search vendor "Avaya" for product "Modular Messaging Message Storage Server" and version "1.1" | - |
Affected
| ||||||
| Avaya Search vendor "Avaya" | Modular Messaging Message Storage Server Search vendor "Avaya" for product "Modular Messaging Message Storage Server" | 2.0 Search vendor "Avaya" for product "Modular Messaging Message Storage Server" and version "2.0" | - |
Affected
| ||||||