CVE-2004-1319

NONECVSS 0.0

0.0

The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180.

🔗 References (26)

cve@mitrehttp://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html
cve@mitrehttp://freehost07.websamba.com/greyhats/abusiveparent-discussion.htm
cve@mitrehttp://secunia.com/advisories/13482/
cve@mitrehttp://www.kb.cert.org/vuls/id/356600
cve@mitrehttp://www.securityfocus.com/bid/11950
cve@mitrehttp://www.us-cert.gov/cas/techalerts/TA05-039A.html
cve@mitrehttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-013
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/18504
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1114
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1701
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3464
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3851
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4758
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html
af854a3a-2127-422b-91ae-364da2661108http://freehost07.websamba.com/greyhats/abusiveparent-discussion.htm

Is Your Infrastructure Affected by CVE-2004-1319?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2004-1319

📅 Published

🔄 Last Modified

🔗 References (26)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2004-1319?