VDB
GSD-2004-0839
GSD-2004-0839
PUBLISHED
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Timeline
- Aug 18, 2004 CVE Published
- Apr 15, 2026 Security Advisory
References
- oval:org.mitre.oval:def:7721 vdb
- 10973 vdb
- 20040824 What A Drag! -revisited- mailing-list
- oval:org.mitre.oval:def:6272 vdb
- 20040818 What A Drag II XP SP2 mailing-list
- oval:org.mitre.oval:def:2073 vdb
- 20040818 What A Drag II XP SP2 mailing-list
- TA04-293A third-party-advisory
- oval:org.mitre.oval:def:4152 vdb
- oval:org.mitre.oval:def:3773 vdb
- ie-dragdrop-code-execution(17044) vdb
- oval:org.mitre.oval:def:1563 vdb
- MS04-038 advisory
- VU#526089 advisory