PT-2004-3185 · Microsoft · Internet Explorer
Published
2004-12-31
·
Updated
2021-07-23
·
CVE-2004-2291
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Microsoft Windows Internet Explorer versions 5.5 through 6.0
Description:
The issue allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.
Recommendations:
For Microsoft Windows Internet Explorer versions 5.5 through 6.0, consider disabling the use of Shell Helper objects as a temporary workaround until a patch is available. Restrict access to embedded scripts to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Internet Explorer