CVE-2004-2434 - Vulnerability Details - OpenCVE

Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Ie

Configuration 1 [-]

cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0397.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0428.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1126.html
http://securitytracker.com/id?1010491
http://www.osvdb.org/8335
http://www.securiteam.com/windowsntfocus/5IP020KDPU.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/16420

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-08-18T04:00:00

Updated: 2024-08-08T01:29:12.813Z

Reserved: 2005-08-18T00:00:00

Link: CVE-2004-2434

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2004-12-31T05:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2004-2434

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-06-14T00:00:00", "descriptions": [{"lang": "en", "value": "Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with \"::{\" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using \"Save As\" and Internet Explorer prepares an error message with an attacker-controlled format string."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "8335", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/8335"}, {"name": "1010491", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1010491"}, {"name": "20040615 RE: Internet Explorer Remote Null Pointer Crash(mshtml.dll)", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0428.html"}, {"name": "20040728 Re: Internet Explorer Remote Null Pointer Crash(mshtml.dll)", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1126.html"}, {"name": "20040614 Internet Explorer Remote Null Pointer Crash(mshtml.dll)", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0397.html"}, {"name": "ie-null-pointer-dos(16420)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16420"}, {"tags": ["x_refsource_MISC"], "url": "http://www.securiteam.com/windowsntfocus/5IP020KDPU.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-2434", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with \"::{\" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using \"Save As\" and Internet Explorer prepares an error message with an attacker-controlled format string."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "8335", "refsource": "OSVDB", "url": "http://www.osvdb.org/8335"}, {"name": "1010491", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1010491"}, {"name": "20040615 RE: Internet Explorer Remote Null Pointer Crash(mshtml.dll)", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0428.html"}, {"name": "20040728 Re: Internet Explorer Remote Null Pointer Crash(mshtml.dll)", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1126.html"}, {"name": "20040614 Internet Explorer Remote Null Pointer Crash(mshtml.dll)", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0397.html"}, {"name": "ie-null-pointer-dos(16420)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16420"}, {"name": "http://www.securiteam.com/windowsntfocus/5IP020KDPU.html", "refsource": "MISC", "url": "http://www.securiteam.com/windowsntfocus/5IP020KDPU.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:29:12.813Z"}, "title": "CVE Program Container", "references": [{"name": "8335", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/8335"}, {"name": "1010491", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1010491"}, {"name": "20040615 RE: Internet Explorer Remote Null Pointer Crash(mshtml.dll)", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0428.html"}, {"name": "20040728 Re: Internet Explorer Remote Null Pointer Crash(mshtml.dll)", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1126.html"}, {"name": "20040614 Internet Explorer Remote Null Pointer Crash(mshtml.dll)", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0397.html"}, {"name": "ie-null-pointer-dos(16420)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16420"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securiteam.com/windowsntfocus/5IP020KDPU.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-2434", "datePublished": "2005-08-18T04:00:00", "dateReserved": "2005-08-18T00:00:00", "dateUpdated": "2024-08-08T01:29:12.813Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with \"::{\" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using \"Save As\" and Internet Explorer prepares an error message with an attacker-controlled format string."}], "id": "CVE-2004-2434", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0397.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0428.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1126.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://securitytracker.com/id?1010491"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/8335"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securiteam.com/windowsntfocus/5IP020KDPU.html"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16420"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0397.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0428.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1126.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://securitytracker.com/id?1010491"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/8335"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securiteam.com/windowsntfocus/5IP020KDPU.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16420"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}