Vulnerability Name: CVE-2004-0839 (CCN-17044) Assigned: 2004-08-18 Published: 2004-08-18 Updated: 2021-07-23 Summary: Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): LowAvailibility (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: CCN Type: Full-Disclosure Mailing List, Wed Aug 18 2004 - 12:24:56 CDT What A Drag II XP SP2 Source: CCN Type: Full-Disclosure Mailing List, Thu Aug 19 2004 - 01:42:28 CDTRe: [Full-Disclosure] What A Drag II XP SP2 Source: MITRE Type: CNACVE-2004-0839 Source: BUGTRAQ Type: UNKNOWN20040818 What A Drag II XP SP2 Source: BUGTRAQ Type: UNKNOWN20040824 What A Drag! -revisited- Source: FULLDISC Type: Vendor Advisory20040818 What A Drag II XP SP2 Source: CCN Type: CIAC Information Bulletin P-006Microsoft Cumulative Security Update for Internet Explorer (834707) Source: CCN Type: US-CERT VU#526089Microsoft Internet Explorer treats arbitrary files as images for drag and drop operations Source: CERT-VN Type: Patch, Third Party Advisory, US Government ResourceVU#526089 Source: CCN Type: Microsoft Security Bulletin MS04-038Cumulative Security Update for Internet Explorer (834707) Source: CCN Type: Microsoft Security Bulletin MS04-040Cumulative Security Update for Internet Explorer (889293) Source: CCN Type: Microsoft Security Bulletin MS05-008Vulnerability in Windows Shell Could Allow Remote Code Execution (890047) Source: CCN Type: Microsoft Security Bulletin MS05-014Cumulative Security Update for Internet Explorer (867282) Source: CCN Type: Microsoft Security Bulletin MS05-016Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086) Source: CCN Type: Microsoft Security Bulletin MS05-020Cumulative Security Update for Internet Explorer (890923) Source: CCN Type: Microsoft Security Bulletin MS05-025Cumulative Security Update for Internet Explorer (883939) Source: CCN Type: Microsoft Security Bulletin MS05-038Cumulative Security Update for Internet Explorer (896727) Source: CCN Type: Microsoft Security Bulletin MS05-049Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725) Source: CCN Type: Microsoft Security Bulletin MS05-052Cumulative Security Update for Internet Explorer (896688) Source: CCN Type: Microsoft Security Bulletin MS05-054Cumulative Security Update for Internet Explorer (905915) Source: CCN Type: Microsoft Security Bulletin MS06-004Cumulative Security Update for Internet Explorer (910620) Source: CCN Type: Microsoft Security Bulletin MS06-013Cumulative Security Update for Internet Explorer (912812) Source: CCN Type: Microsoft Security Bulletin MS06-015Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531) Source: CCN Type: Microsoft Security Bulletin MS06-021Cumulative Security Update for Internet Explorer (916281) Source: CCN Type: Microsoft Security Bulletin MS06-042Cumulative Security Update for Internet Explorer (918899) Source: CCN Type: Microsoft Security Bulletin MS06-045Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398) Source: CCN Type: Microsoft Security Bulletin MS06-057Vulnerability in Windows Explorer Could Allow Remote Execution (923191) Source: CCN Type: Microsoft Security Bulletin MS06-067Cumulative Security Update for Internet Explorer (922760) Source: CCN Type: Microsoft Security Bulletin MS06-072Cumulative Security Update for Internet Explorer (925454) Source: CCN Type: Microsoft Security Bulletin MS07-006Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255) Source: CCN Type: Microsoft Security Bulletin MS07-016Cumulative Security Update for Internet Explorer (928090) Source: CCN Type: Microsoft Security Bulletin MS07-027Cumulative Security Update for Internet Explorer (931768) Source: CCN Type: Microsoft Security Bulletin MS07-033Cumulative Security Update for Internet Explorer (933566) Source: CCN Type: Microsoft Security Bulletin MS07-045Cumulative Security Update for Internet Explorer (937143) Source: CCN Type: Microsoft Security Bulletin MS07-057Cumulative Security Update for Internet Explorer (939653) Source: CCN Type: Microsoft Security Bulletin MS07-069Cumulative Security Update for Internet Explorer (942615) Source: CCN Type: Microsoft Security Bulletin MS08-010Cumulative Security Update for Internet Explorer (944533) Source: CCN Type: Microsoft Security Bulletin MS08-024Cumulative Security Update for Internet Explorer (947864) Source: CCN Type: Microsoft Security Bulletin MS08-031Cumulative Security Update for Internet Explorer (950759) Source: CCN Type: Microsoft Security Bulletin MS08-045Cumulative Security Update for Internet Explorer (953838) Source: CCN Type: Microsoft Security Bulletin MS08-058Cumulative Security Update for Internet Explorer (956390) Source: BID Type: Exploit, Patch, Vendor Advisory10973 Source: CCN Type: BID-10973Microsoft Internet Explorer Implicit Drag and Drop File Installation Vulnerability Source: CERT Type: Patch, Third Party Advisory, US Government ResourceTA04-293A Source: MS Type: UNKNOWNMS04-038 Source: XF Type: UNKNOWNie-dragdrop-code-execution(17044) Source: XF Type: UNKNOWNie-dragdrop-code-execution(17044) Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:1563 Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:2073 Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:3773 Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:4152 Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:6272 Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:7721 Vulnerable Configuration: Configuration 1 :cpe:/a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:* OR cpe:/a:avaya:ip600_media_servers:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:ie:6.0:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:ie:6.0:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:* OR cpe:/h:avaya:definity_one_media_server:*:*:*:*:*:*:*:* OR cpe:/h:avaya:s8100:*:*:*:*:*:*:*:* OR cpe:/h:avaya:s3400:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:* Configuration 2 :cpe:/a:nortel:ip_softphone_2050:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:* OR cpe:/a:nortel:mobile_voice_client_2050:*:*:*:*:*:*:*:* OR cpe:/a:nortel:optivity_telephony_manager:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:home:*:*:*:*:* OR cpe:/a:nortel:symposium_web_centre_portal:*:*:*:*:*:*:*:* OR cpe:/a:nortel:symposium_web_client:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp1:home:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:web:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:gold:professional:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:* OR cpe:/o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:*:media_center:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:*:home:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:* OR cpe:/o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_98:*:gold:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:sp3:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:ie:6.0:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:x64:* AND cpe:/o:microsoft:windows_2000:-:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:* OR cpe:/o:microsoft:windows_nt:4.0:sp6a:*:*:server:*:x86:* OR cpe:/o:microsoft:windows:2003_server::x64:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_nt:4.0:sp6:*:*:terminal_server:*:x86:* OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions BACK
microsoft internet explorer 5.5
microsoft internet explorer 5.5 sp1
avaya ip600 media servers *
microsoft internet explorer 5.0.1
microsoft internet explorer 5.5 sp2
microsoft internet explorer 6.0
microsoft internet explorer 5.0.1 sp1
microsoft internet explorer 5.0.1 sp2
microsoft ie 6.0 sp1
microsoft ie 6.0 sp2
microsoft internet explorer 5.0.1 sp3
avaya definity one media server *
avaya s8100 *
avaya s3400 *
microsoft internet explorer 5.0.1 sp4
nortel ip softphone 2050 *
microsoft windows 2000 *
nortel mobile voice client 2050 *
nortel optivity telephony manager *
microsoft windows 2003 server enterprise
microsoft windows 98se *
microsoft windows me *
microsoft windows xp * sp1
microsoft windows xp * sp2
nortel symposium web centre portal *
nortel symposium web client *
microsoft windows xp * sp1
microsoft windows 2003 server web
microsoft windows 2003 server enterprise_64-bit
microsoft windows xp * gold
microsoft windows xp *
avaya modular messaging message storage server 2.0
microsoft windows 2000 * sp4
microsoft windows xp *
microsoft windows 2000 * sp2
microsoft windows 2003 server r2
microsoft windows 2000 * sp1
microsoft windows xp * sp2
microsoft windows xp *
microsoft windows xp * sp1
microsoft windows 2003 server standard
microsoft windows xp * sp2
avaya modular messaging message storage server 1.1
microsoft windows 98 * gold
microsoft windows 2003 server r2
microsoft windows 2000 * sp3
microsoft ie 6.0
microsoft ie 5.5 sp2
microsoft ie 6.0 sp1
microsoft ie 5.01 sp3
microsoft ie 5.01 sp4
microsoft windows xp - sp1
microsoft windows 2000 - sp3
microsoft windows xp - sp1
microsoft windows 2000 - sp4
microsoft windows nt 4.0 sp6a
microsoft windows 2003_server
microsoft windows 2003 server *
microsoft windows nt 4.0 sp6
microsoft windows xp sp2