Vulnerability Name: CVE-2004-1319 (CCN-18504) Assigned: 2004-12-15 Published: 2004-12-15 Updated: 2019-04-30 Summary: The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180. CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): LowAvailibility (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: BUGTRAQ20041215 MSIE DHTML Edit Control Cross Site Scripting Vulnerability MSIE DHTML Edit Control Cross Site Scripting Vulnerability CVE-2004-1319 http://freehost07.websamba.com/greyhats/abusiveparent-discussion.htm Internet Explorer DHTML Edit ActiveX Control Cross-Site Scripting 13482 Microsoft Vulnerability in DHTML Editing Component Active X Control Microsoft Internet Explorer DHTML Editing ActiveX control contains a cross-domain vulnerability VU#356600 Vulnerability in the DHTML Editing ActiveX Control could allow code execution (891781) Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution. (973908) Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542) Internet Explorer Home 11950 Microsoft Windows DHTML Edit Control Script Injection Vulnerability TA05-039A MS05-013 ie-dhtml-xss(18504) ie-dhtml-xss(18504) oval:org.mitre.oval:def:1114 oval:org.mitre.oval:def:1701 oval:org.mitre.oval:def:3464 oval:org.mitre.oval:def:3851 oval:org.mitre.oval:def:4758 Vulnerable Configuration: Configuration 1 :cpe:/a:nortel:ip_softphone_2050:*:*:*:*:*:*:*:* OR cpe:/a:nortel:mobile_voice_client_2050:*:*:*:*:*:*:*:* OR cpe:/a:nortel:optivity_telephony_manager:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:web:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_98:*:gold:*:*:*:*:*:* OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:*:home:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:*:media_center:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:gold:professional:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp1:home:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:home:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:* Configuration CCN 1 :cpe:/a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:x64:* AND cpe:/o:microsoft:windows_2000:-:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:-::~~~~itanium~:*:*:*:*:* Oval Definitions BACK
nortel ip softphone 2050 *
nortel mobile voice client 2050 *
nortel optivity telephony manager *
microsoft windows 2000 *
microsoft windows 2000 * sp1
microsoft windows 2000 * sp2
microsoft windows 2000 * sp3
microsoft windows 2000 * sp4
microsoft windows 2003 server enterprise
microsoft windows 2003 server enterprise_64-bit
microsoft windows 2003 server r2
microsoft windows 2003 server r2
microsoft windows 2003 server standard
microsoft windows 2003 server web
microsoft windows 98 * gold
microsoft windows 98se *
microsoft windows me *
microsoft windows xp *
microsoft windows xp *
microsoft windows xp *
microsoft windows xp * gold
microsoft windows xp * sp1
microsoft windows xp * sp1
microsoft windows xp * sp1
microsoft windows xp * sp2
microsoft windows xp * sp2
microsoft windows xp * sp2
microsoft ie 6.0.2900.2180
microsoft windows xp - sp1
microsoft windows 2000 - sp3
microsoft windows xp - sp1
microsoft windows 2000 - sp4
microsoft windows 2003 server *
microsoft windows xp sp2
microsoft windows 2003 server -
Denotes that component is vulnerable