What is CVE-2004-0526?

CVE-2004-0526 is a vulnerability in Microsoft Ie. Published 2004-08-06.

Is CVE-2004-0526 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Ie

CVE-2004-0526

Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points…

EPSS: 0.172 (96.7th percentile) — read the EPSS interpretation.

Affected products

Microsoft Ie — versions 6.0
Microsoft Internet_explorer — versions 5.0, 5.0.1, 5.5
Microsoft Outlook — versions 97, 98, 2000
Microsoft Outlook_express — versions 4.0, 4.01, 4.27.3110
N/a — versions n/a

Public proof-of-concept exploits

References

cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (Exploit, vdb-entry, x_refsource_BID, Vendor Advisory)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_MISC)

Frequently asked questions

What is CVE-2004-0526?: CVE-2004-0526 is a vulnerability in Microsoft Ie. Published 2004-08-06.
Is CVE-2004-0526 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.