CVE-2004-1319 in Internet Explorer
Sumário (Inglês)
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Reservar
06/01/2005
Divulgação
15/12/2004
Estado
Confirmado
Inscrições
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidade | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 1054 | Microsoft Internet Explorer DHTML Edit ActiveX Elevação de Privilégios | 358 | Prova de conceito | Correção oficial | CVE-2004-1319 |
Descrição
CPE
CWE
CVSS
Explorações
História
Diferença
Relacionar
Inteligência de ameaças
API JSON
API XML
API CSV