Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2004-0526

Published

19 years ago

Last Modified

2 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack..

CVSSv2.0 Score

Severity: Medium
Base Score: 5/10
Exploit Score: 10/10
Access Vector: Network
Access Complexity: Low
Authentication Required: None
Impact Score: 2.9/10
Confidentiality Impact: None
Availability Impact: None
Integrity Impact: Partial

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:microsoft:outlook:2000:sr1::::::	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:5.0.1:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook:2000:::::::*	Yes	-	-
cpe:2.3:a:microsoft:ie:6.0:sp1::::::	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:5.0:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:4.72.3612:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook:2000:sp3::::::	Yes	-	-
cpe:2.3:a:microsoft:outlook:2003:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:4.72.3120.0:::::::	Yes	-	-
cpe:2.3:a:microsoft:outlook:2002:sp2::::::	Yes	-	-
cpe:2.3:a:microsoft:outlook:2002:sp3::::::	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:4.27.3110:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:4.72.2106:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:4.0:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:6.0:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook:98:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:5.5:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook:2002:sp1::::::	Yes	-	-
cpe:2.3:a:microsoft:outlook_express:4.01:sp2::::::	Yes	-	-
cpe:2.3:a:microsoft:outlook:2000:sp2::::::	Yes	-	-
cpe:2.3:a:microsoft:outlook:2002:::::::*	Yes	-	-
cpe:2.3:a:microsoft:outlook:97:::::::*	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:5.5:sp2::::::	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:5.0:::::::*	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:5.0.1:::::::*	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2::::::	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3::::::	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4::::::	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1::::::	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:5.5:::::::*	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:5.5:sp1::::::	Yes	-	-
cpe:2.3:a:microsoft:internet_explorer:6.0:::::::*	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2004-0526

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

CVSSv2.0 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2004-0526

CVE information

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

Products Affected

References