CVE-2004-0420 in Internet Explorerinfo

Summary

The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

04/19/2004

Disclosure

07/07/2004

Moderation

VulDB entry created

Entries

VDB-487 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

Exploit

Download

CVSS

6.3

EPSS

0.47540

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0420
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0420
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0420/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!