CVE-2004-1319
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-12-15 CVE Published
- 2005-01-06 CVE Reserved
- 2024-07-14 EPSS Updated
- 2024-08-08 CVE Updated
- 2024-08-08 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (13)
| URL | Date | SRC |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html | 2024-08-08 | |
| http://www.securityfocus.com/bid/11950 | 2024-08-08 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/13482 | 2019-04-30 | |
| http://www.kb.cert.org/vuls/id/356600 | 2019-04-30 | |
| http://www.us-cert.gov/cas/techalerts/TA05-039A.html | 2019-04-30 |
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-013 | 2019-04-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nortel Search vendor "Nortel" | Ip Softphone 2050 Search vendor "Nortel" for product "Ip Softphone 2050" | * | - |
Affected
| ||||||
| Nortel Search vendor "Nortel" | Mobile Voice Client 2050 Search vendor "Nortel" for product "Mobile Voice Client 2050" | * | - |
Affected
| ||||||
| Nortel Search vendor "Nortel" | Optivity Telephony Manager Search vendor "Nortel" for product "Optivity Telephony Manager" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp4 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | enterprise Search vendor "Microsoft" for product "Windows 2003 Server" and version "enterprise" | 64-bit |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | enterprise_64-bit Search vendor "Microsoft" for product "Windows 2003 Server" and version "enterprise_64-bit" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | r2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "r2" | 64-bit |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | r2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "r2" | datacenter_64-bit |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | standard Search vendor "Microsoft" for product "Windows 2003 Server" and version "standard" | 64-bit |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | web Search vendor "Microsoft" for product "Windows 2003 Server" and version "web" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 98 Search vendor "Microsoft" for product "Windows 98" | * | gold |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 98se Search vendor "Microsoft" for product "Windows 98se" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Me Search vendor "Microsoft" for product "Windows Me" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | 64-bit |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | home |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | media_center |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | gold, professional |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp1, 64-bit |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp1, home |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp1, media_center |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2, home |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2, media_center |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2, tablet_pc |
Affected
| ||||||