Vulnerability Name:

CVE-2004-0841 (CCN-16675)

Assigned:2004-07-12
Published:2004-07-12
Updated:2021-07-23
Summary:Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Sun Jul 11 2004 - 10:53:15 CDT
HijackClick 3

Source: CCN
Type: Full-Disclosure Mailing List, Mon Jul 12 2004 - 14:13:12 CDT
Brand New Hole: Internet Explorer: HijackClick 3

Source: FULLDISC
Type: UNKNOWN
20040712 Brand New Hole: Internet Explorer: HijackClick 3

Source: MITRE
Type: CNA
CVE-2004-0841

Source: CCN
Type: SA12048
Microsoft Internet Explorer Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
12048

Source: CCN
Type: SECTRACK ID: 1010679
Microsoft Internet Explorer Access Control Flaw in popup.show() Lets Remote Users Execute Mouse-Click Actions

Source: SECTRACK
Type: UNKNOWN
1010679

Source: CCN
Type: CIAC Information Bulletin P-006
Microsoft Cumulative Security Update for Internet Explorer (834707)

Source: CCN
Type: US-CERT VU#413886
Microsoft Internet Explorer allows mouse events to manipulate window objects and perform drag and drop operations

Source: CERT-VN
Type: US Government Resource
VU#413886

Source: CCN
Type: Microsoft Security Bulletin MS04-038
Cumulative Security Update for Internet Explorer (834707)

Source: CCN
Type: Microsoft Security Bulletin MS04-040
Cumulative Security Update for Internet Explorer (889293)

Source: CCN
Type: Microsoft Security Bulletin MS05-014
Cumulative Security Update for Internet Explorer (867282)

Source: CCN
Type: Microsoft Security Bulletin MS05-020
Cumulative Security Update for Internet Explorer (890923)

Source: CCN
Type: Microsoft Security Bulletin MS05-025
Cumulative Security Update for Internet Explorer (883939)

Source: CCN
Type: Microsoft Security Bulletin MS05-038
Cumulative Security Update for Internet Explorer (896727)

Source: CCN
Type: Microsoft Security Bulletin MS05-052
Cumulative Security Update for Internet Explorer (896688)

Source: CCN
Type: Microsoft Security Bulletin MS05-054
Cumulative Security Update for Internet Explorer (905915)

Source: CCN
Type: Microsoft Security Bulletin MS06-004
Cumulative Security Update for Internet Explorer (910620)

Source: CCN
Type: Microsoft Security Bulletin MS06-013
Cumulative Security Update for Internet Explorer (912812)

Source: CCN
Type: Microsoft Security Bulletin MS06-021
Cumulative Security Update for Internet Explorer (916281)

Source: CCN
Type: Microsoft Security Bulletin MS06-042
Cumulative Security Update for Internet Explorer (918899)

Source: CCN
Type: Microsoft Security Bulletin MS06-067
Cumulative Security Update for Internet Explorer (922760)

Source: CCN
Type: Microsoft Security Bulletin MS06-072
Cumulative Security Update for Internet Explorer (925454)

Source: CCN
Type: Microsoft Security Bulletin MS07-016
Cumulative Security Update for Internet Explorer (928090)

Source: CCN
Type: Microsoft Security Bulletin MS07-027
Cumulative Security Update for Internet Explorer (931768)

Source: CCN
Type: Microsoft Security Bulletin MS07-033
Cumulative Security Update for Internet Explorer (933566)

Source: CCN
Type: Microsoft Security Bulletin MS07-045
Cumulative Security Update for Internet Explorer (937143)

Source: CCN
Type: Microsoft Security Bulletin MS07-057
Cumulative Security Update for Internet Explorer (939653)

Source: CCN
Type: Microsoft Security Bulletin MS07-069
Cumulative Security Update for Internet Explorer (942615)

Source: CCN
Type: Microsoft Security Bulletin MS08-010
Cumulative Security Update for Internet Explorer (944533)

Source: CCN
Type: Microsoft Security Bulletin MS08-024
Cumulative Security Update for Internet Explorer (947864)

Source: CCN
Type: Microsoft Security Bulletin MS08-031
Cumulative Security Update for Internet Explorer (950759)

Source: CCN
Type: Microsoft Security Bulletin MS08-045
Cumulative Security Update for Internet Explorer (953838)

Source: CCN
Type: Microsoft Security Bulletin MS08-058
Cumulative Security Update for Internet Explorer (956390)

Source: OSVDB
Type: UNKNOWN
7774

Source: CCN
Type: OSVDB ID: 7774
Microsoft IE Popup.show() Click Hijack (HijackClick 3)

Source: BUGTRAQ
Type: Exploit, Patch, Vendor Advisory
20040711 HijackClick 3

Source: BUGTRAQ
Type: UNKNOWN
20040712 Re: HijackClick 3

Source: BID
Type: Exploit, Patch, Vendor Advisory
10690

Source: CCN
Type: BID-10690
Microsoft Internet Explorer Popup.show Mouse Event Hijacking Vulnerability

Source: CERT
Type: US Government Resource
TA04-293A

Source: MS
Type: UNKNOWN
MS04-038

Source: XF
Type: UNKNOWN
ie-popupshow-perform-actions(16675)

Source: XF
Type: UNKNOWN
ie-popupshow-perform-actions(16675)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:2611

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:4363

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5620

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6031

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6048

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:8077

Vulnerable Configuration:Configuration 1:
  • cpe:/a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
  • OR cpe:/a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
  • OR cpe:/h:avaya:s3400:*:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:s8100:*:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
  • OR cpe:/h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*
  • OR cpe:/o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:x64:*
  • AND
  • cpe:/o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp6a:*:*:server:*:x86:*
  • OR cpe:/o:microsoft:windows:2003_server::x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp6:*:*:terminal_server:*:x86:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:2611
    V
    		IE v6.0 HijackClick 3 / Script in Image Tag File Download Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:6048
    V
    		IE v5.01, SP4 HijackClick 3 / Script in Image Tag File Download Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:4363
    V
    		IE v5.01, SP3 HijackClick 3 / Script in Image Tag File Download Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:8077
    V
    		IE v6.0, SP1 HijackClick 3 / Script in Image Tag File Download Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:5620
    V
    		IE v6.0 for 2003, SP3 HijackClick 3 / Script in Image Tag File Download Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:6031
    V
    		IE v5.5, SP2 HijackClick 3 / Script in Image Tag File Download Vulnerability
    2014-02-24
    BACK
    microsoft internet explorer 5.5
    microsoft internet explorer 5.5 sp1
    avaya ip600 media servers *
    microsoft internet explorer 5.0.1
    microsoft internet explorer 5.5 sp2
    microsoft internet explorer 6.0
    microsoft internet explorer 5.0.1 sp3
    microsoft internet explorer 5.0.1 sp4
    avaya s3400 *
    avaya s8100 *
    microsoft internet explorer 5.0.1 sp1
    avaya definity one media server *
    microsoft ie 6.0 sp1
    microsoft internet explorer 5.0.1 sp2
    avaya modular messaging message storage server 1.1
    avaya modular messaging message storage server 2.0
    microsoft ie 6.0
    microsoft ie 5.5 sp2
    microsoft ie 6.0 sp1
    microsoft ie 5.01 sp3
    microsoft ie 5.01 sp4
    microsoft windows xp - sp1
    microsoft windows 2000 - sp3
    microsoft windows xp - sp1
    microsoft windows 2000 - sp4
    microsoft windows nt 4.0 sp6a
    microsoft windows 2003_server
    microsoft windows 2003 server *
    microsoft windows nt 4.0 sp6