VDB

CVE-2004-0839

CVE-2004-0839 PUBLISHED CVSS 5 MEDIUM

Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".

EPSS 45.91% · 97.7th percentile

Risk Scores

CVSS 2.0
5
EPSS Score
45.91%
97.7th percentile

Affected Products

VendorProductVersions
avayas3400
norteloptivity_telephony_manager
nortelip_softphone_2050
avayadefinity_one_media_server
nortelmobile_voice_client_2050
microsoftie6.0, 6.0, 6.0
n/an/a*, n/a
microsoftwindows_2003_serverenterprise_64-bit, enterprise, enterprise_64-bit
microsoftwindows_98se
microsoftwindows_xp
microsoftwindows_me
avayas8100
nortelsymposium_web_centre_portal
avayaip600_media_servers
avayamodular_messaging_message_storage_server1.1, 1.1, 1.1
nortelsymposium_web_client
microsoftinternet_explorer5.0.1, 5.0.1, 5.5
microsoftwindows_98
microsoftwindows_2000

Timeline

  • Aug 18, 2004 CVE Published
  • Nov 9, 2004 VulnCheck KEV Exploitation
  • Feb 4, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score
  • Oct 30, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›