VDB
GCVE-110-CERTCC-2004-713878
GCVE-110-CERTCC-2004-713878
Advisory PublishedCVSS 7.5/10
Microsoft Internet Explorer (IE) does not adequately validate the security context of a frame that has been redirected by a web server. An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone, the attacker could execute arbitrary code with the privileges of the user running IE.
Risk Scores
CVSS 2.0
7.5/10
High · AV:N/AC:L/Au:N/C:P/I:P/A:P
certcc-cam
certcc-cam
impact15population20exploitation20widely_known18score_current64.8ease_of_exploitation15
certcc-vrda
certcc-vrda
d1_impact4d1_population4d1_direct_report0
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score6.5remediation_levelOFreport_confidenceCenvironmental_score6.5target_distributionHenvironmental_vectorCDP:ND/TD:H/CR:ND/IR:ND/AR:ND
Aliases
References
Browse GCVE Records
73,118 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.