| Definition Id: oval:org.mitre.oval:def:6031 |
Date: 2005-09-26 |
| Title: |
IE v5.5, SP2 HijackClick 3 / Script in Image Tag File Download Vulnerability |
| Description: |
Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." |
| Version: |
2 |
Class: |
vulnerability |
| Status: |
ACCEPTED |
Reference(s): |
CVE-2004-0841
|
| Family: |
windows |
| Platform(s): |
Microsoft Windows ME
Microsoft Windows NT
Microsoft Windows 2000 |
Product(s): |
Microsoft Internet Explorer |
| Definition Synopsis: |
- Software section
- AND Configuration section
- ActiveX controls and active scripting are enabled
- current user settings are being used and ActiveX controls and active scripting are enabled
- OR local machine settings are being used and ActiveX controls and active scripting are enabled
|
