CVE-2004-0526

Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.

Published: Aug 6, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0526
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / outlook	2000-sr1	2000-sr1.x
microsoft / outlook_express	5.0.1	5.0.1.x
microsoft / outlook	2000	2000.x
microsoft / ie	6.0-sp1	6.0-sp1.x
microsoft / outlook_express	5.0	5.0.x
microsoft / outlook_express	4.72.3612	4.72.3612.x
microsoft / outlook	2000-sp3	2000-sp3.x
microsoft / outlook	2003	2003.x
microsoft / outlook_express	4.72.3120.0	4.72.3120.0.x
microsoft / outlook	2002-sp2	2002-sp2.x
microsoft / outlook	2002-sp3	2002-sp3.x
microsoft / outlook_express	4.27.3110	4.27.3110.x
microsoft / outlook_express	4.72.2106	4.72.2106.x
microsoft / outlook_express	4.0	4.0.x
microsoft / outlook_express	6.0	6.0.x
microsoft / outlook	98	98.x
microsoft / outlook_express	5.5	5.5.x
microsoft / outlook	2002-sp1	2002-sp1.x
microsoft / outlook_express	4.01-sp2	4.01-sp2.x
microsoft / outlook	2000-sp2	2000-sp2.x
microsoft / outlook	2002	2002.x
microsoft / outlook	97	97.x
microsoft / internet_explorer	5.5-sp2	5.5-sp2.x
microsoft / internet_explorer	5.0	5.0.x
microsoft / internet_explorer	5.0.1	5.0.1.x
microsoft / internet_explorer	5.0.1-sp2	5.0.1-sp2.x
microsoft / internet_explorer	5.0.1-sp3	5.0.1-sp3.x
microsoft / internet_explorer	5.0.1-sp4	5.0.1-sp4.x
microsoft / internet_explorer	5.0.1-sp1	5.0.1-sp1.x
microsoft / internet_explorer	5.5	5.5.x
microsoft / internet_explorer	5.5-sp1	5.5-sp1.x
microsoft / internet_explorer	6.0	6.0.x

Vulnerability Database

289,599

CVE-2004-0526