Vulnerability Name: | CVE-2004-0549 (CCN-16348) | ||||||||||||||||||||
Assigned: | 2004-06-07 | ||||||||||||||||||||
Published: | 2004-06-07 | ||||||||||||||||||||
Updated: | 2021-07-23 | ||||||||||||||||||||
Summary: | The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object. | ||||||||||||||||||||
CVSS v3 Severity: | 6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N)
| ||||||||||||||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||||||
Vulnerability Type: | CWE-Other | ||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
References: | Source: MISC Type: UNKNOWN http://62.131.86.111/analysis.htm Source: FULLDISC Type: UNKNOWN 20040602 180 Solutions Exploits and Toolbars Hacking Patched Users(I.E Exploits) Source: CCN Type: Full-Disclosure Mailing List, Sun Jun 06 2004 - 20:21:52 CDT Internet Explorer 6 execution of arbitrary code (An analysis of the 180 Solutions Trojan) Source: FULLDISC Type: UNKNOWN 20040606 Internet explorer 6 execution of arbitrary code (An analysis of the 180 Solutions Trojan) Source: MITRE Type: CNA CVE-2004-0549 Source: BUGTRAQ Type: UNKNOWN 20040621 IE/0DAY -> Insider Prototype Source: BUGTRAQ Type: UNKNOWN 20040628 JS.Scob.Trojan Source Code ... Source: MISC Type: UNKNOWN http://umbrella.name/originalvuln/msie/InsiderPrototype/ Source: CCN Type: CIAC Information Bulletin 0-191 Microsoft Cumulative Security Update for Internet Explorer (867801) Source: CCN Type: US-CERT VU#713878 Microsoft Internet Explorer does not properly validate source of redirected frame Source: CERT-VN Type: US Government Resource VU#713878 Source: CCN Type: Microsoft Security Bulletin MS04-025 Cumulative Security Update for Internet Explorer (867801) Source: CCN Type: Microsoft Security Bulletin MS04-038 Cumulative Security Update for Internet Explorer (834707) Source: CCN Type: Microsoft Security Bulletin MS04-040 Cumulative Security Update for Internet Explorer (889293) Source: CCN Type: Microsoft Security Bulletin MS05-014 Cumulative Security Update for Internet Explorer (867282) Source: CCN Type: Microsoft Security Bulletin MS05-020 Cumulative Security Update for Internet Explorer (890923) Source: CCN Type: Microsoft Security Bulletin MS05-025 Cumulative Security Update for Internet Explorer (883939) Source: CCN Type: Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer (896727) Source: CCN Type: Microsoft Security Bulletin MS05-052 Cumulative Security Update for Internet Explorer (896688) Source: CCN Type: Microsoft Security Bulletin MS05-054 Cumulative Security Update for Internet Explorer (905915) Source: CCN Type: Microsoft Security Bulletin MS06-004 Cumulative Security Update for Internet Explorer (910620) Source: CCN Type: Microsoft Security Bulletin MS06-013 Cumulative Security Update for Internet Explorer (912812) Source: CCN Type: Microsoft Security Bulletin MS06-021 Cumulative Security Update for Internet Explorer (916281) Source: CCN Type: Microsoft Security Bulletin MS06-042 Cumulative Security Update for Internet Explorer (918899) Source: CCN Type: Microsoft Security Bulletin MS06-067 Cumulative Security Update for Internet Explorer (922760) Source: CCN Type: Microsoft Security Bulletin MS06-072 Cumulative Security Update for Internet Explorer (925454) Source: CCN Type: Microsoft Security Bulletin MS07-016 Cumulative Security Update for Internet Explorer (928090) Source: CCN Type: Microsoft Security Bulletin MS07-027 Cumulative Security Update for Internet Explorer (931768) Source: CCN Type: Microsoft Security Bulletin MS07-033 Cumulative Security Update for Internet Explorer (933566) Source: CCN Type: Microsoft Security Bulletin MS07-045 Cumulative Security Update for Internet Explorer (937143) Source: CCN Type: Microsoft Security Bulletin MS07-057 Cumulative Security Update for Internet Explorer (939653) Source: CCN Type: Microsoft Security Bulletin MS07-069 Cumulative Security Update for Internet Explorer (942615) Source: CCN Type: Microsoft Security Bulletin MS08-010 Cumulative Security Update for Internet Explorer (944533) Source: CCN Type: Microsoft Security Bulletin MS08-024 Cumulative Security Update for Internet Explorer (947864) Source: CCN Type: Microsoft Security Bulletin MS08-031 Cumulative Security Update for Internet Explorer (950759) Source: CCN Type: Microsoft Security Bulletin MS08-045 Cumulative Security Update for Internet Explorer (953838) Source: CCN Type: Microsoft Security Bulletin MS08-058 Cumulative Security Update for Internet Explorer (956390) Source: CCN Type: BID-10472 Microsoft Internet Explorer URL Local Resource Access Weakness Source: CERT Type: Patch, Third Party Advisory, US Government Resource TA04-163A Source: CERT Type: US Government Resource TA04-184A Source: CERT Type: US Government Resource TA04-212A Source: CCN Type: Internet Security Systems Protection Alert July 30, 2004 Multiple Vulnerabilities in Microsoft Internet Explorer Source: MS Type: UNKNOWN MS04-025 Source: XF Type: UNKNOWN ie-location-restriction-bypass(16348) Source: XF Type: UNKNOWN ie-location-restriction-bypass(16348) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1133 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:207 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:241 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:519 | ||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||||||||||
Vulnerability Name: | CVE-2004-0549 (CCN-16541) | ||||||||||||||||||||
Assigned: | 2004-06-29 | ||||||||||||||||||||
Published: | 2004-06-29 | ||||||||||||||||||||
Updated: | 2004-06-29 | ||||||||||||||||||||
Summary: | Download.Ject, also known as JS.Scob.Trojan, Scob, and JS.Toofeer, is a backdoor Trojan affecting Microsoft Internet Explorer. Download.Ject exploits cross-zone restriction bypass vulnerabilities in Internet Explorer. A remote attacker could create a specially-crafted Web page, that downloads and installs the trojan on a client, once a victim visits the page. | ||||||||||||||||||||
CVSS v3 Severity: | |||||||||||||||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2004-0549 Source: CCN Type: Microsoft.com Web site What You Should Know About Download.Ject Source: CCN Type: BID-10472 Microsoft Internet Explorer URL Local Resource Access Weakness Source: CCN Type: BID-10514 Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness Source: CCN Type: BID-10652 Microsoft Internet Explorer Shell.Application Object Script Execution Weakness Source: CCN Type: IBM Internet Security Systems X-Force Database Microsoft Internet Explorer Location: header bypass restrictions Source: XF Type: UNKNOWN downloadject-trojan(16541) | ||||||||||||||||||||
Vulnerability Name: | CVE-2004-0549 (CCN-16544) | ||||||||||||||||||||
Assigned: | 2004-06-29 | ||||||||||||||||||||
Published: | 2004-06-29 | ||||||||||||||||||||
Updated: | 2004-06-29 | ||||||||||||||||||||
Summary: | Download.Ject, also known as JS.Scob.Trojan, Scob, and JS.Toofeer, is a Trojan that executes a JavaScript file from a remote server. The Trojan affects Microsoft Internet Information Services (IIS) version 5.0 and exploits a vulnerability in Microsoft Security Bulletin MS04-011. An attacker can append an executable file to a Web page that exists on a server running IIS. When a victim requests a Web page containing the executable from the server, the Trojan is downloaded and executed on the victim's system. | ||||||||||||||||||||
CVSS v3 Severity: | |||||||||||||||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2004-0549 Source: CCN Type: Microsoft.com Web site What You Should Know About Download.Ject Source: CCN Type: Microsoft Security Bulletin MS04-011 Security Update for Microsoft Windows (835732) Source: CCN Type: BID-10472 Microsoft Internet Explorer URL Local Resource Access Weakness Source: CCN Type: BID-10514 Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness Source: CCN Type: BID-10652 Microsoft Internet Explorer Shell.Application Object Script Execution Weakness Source: CCN Type: IBM Internet Security Systems X-Force Database Microsoft Internet Explorer Location: header bypass restrictions Source: XF Type: UNKNOWN downloadject-javascript-execution(16544) | ||||||||||||||||||||
Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
BACK |