CVE-2004-2291

Published: Dec 31, 2004Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.

Affected (6)

Products: Microsoft: Ie, Internet Explorer

Microsoft

2 products

Internet Explorer

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Microsoft Ie	Version 6.0 sp1
Microsoft Internet Explorer	Version 5.5
Microsoft Internet Explorer	Version 5.5 preview
Microsoft Internet Explorer	Version 5.5 sp1
Microsoft Internet Explorer	Version 5.5 sp2
Microsoft Internet Explorer	Version 6.0

References (4)

http://www.securityfocus.com/archive/1/348688

Source: cve@mitre.org

ExploitVendor Advisory

http://www.securityfocus.com/bid/9335

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/archive/1/348688

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://www.securityfocus.com/bid/9335

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.