漏洞信息详情
Microsoft Windows Internet Explorer拖放处理存在漏洞(MS04-038)
- CNNVD编号:CNNVD-200408-191
- 危害等级: 低危
- CVE编号: CVE-2004-0839
- 漏洞类型: 其他
- 发布时间: 2004-08-18
- 威胁类型: 远程
- 更新时间: 2021-07-26
- 厂 商: nortel
- 漏洞来源: Microsoft Security...
漏洞简介
Microsoft Internet Explorer是一款流行的WEB浏览器。Microsoft Internet Explorer处理拖放事件存在问题,远程攻击者可以利用这个漏洞控制目标用户系统。通过构建恶意页面,诱使用户访问,可能使攻击者把文件存放到用户系统中。成功利用此漏洞可以控制整个系统。利用此漏洞需要用户交互。
漏洞公告
厂商补丁:
Microsoft
---------
Microsoft已经为此发布了一个安全公告(MS04-038)以及相应补丁:
MS04-038:Cumulative Security Update for Internet Explorer (834707)
链接:
http://www.microsoft.com/technet/security/bulletin/MS04-038.mspx" target="_blank">
http://www.microsoft.com/technet/security/bulletin/MS04-038.mspx
补丁下载:
Internet Explorer 5.01 Service Pack 3 on Windows 2000 SP3
http://www.microsoft.com/downloads/details.aspx?FamilyId=2D8E8E97-4946-4994-924B-1FB1DC1881BA&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=2D8E8E97-4946-4994-924B-1FB1DC1881BA&displaylang=en
Internet Explorer 5.01 Service Pack 4 on Windows 2000 SP4
http://www.microsoft.com/downloads/details.aspx?FamilyId=72DBE239-AF0A-42B5-B88C-A00371F6EC81&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=72DBE239-AF0A-42B5-B88C-A00371F6EC81&displaylang=en
Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Me
http://www.microsoft.com/downloads/details.aspx?FamilyId=BE27F77C-3C2D-45F1-86DF-2B71799DA169&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=BE27F77C-3C2D-45F1-86DF-2B71799DA169&displaylang=en
Internet Explorer 6 on Windows XP
http://www.microsoft.com/downloads/details.aspx?FamilyId=A89CFBE8-C299-415D-A9D6-7CC6429C547D&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=A89CFBE8-C299-415D-A9D6-7CC6429C547D&displaylang=en
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3, on Microsoft Windows 2000 Service Pack 4, on Microsoft Windows XP, or on Microsoft Windows XP Service Pack 1
http://www.microsoft.com/downloads/details.aspx?FamilyId=7C1404E6-F5D4-4FED-9573-DD83F2DFF074&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=7C1404E6-F5D4-4FED-9573-DD83F2DFF074&displaylang=en
Internet Explorer 6 Service Pack 1 on Microsoft Windows NT Server 4.0 Service Pack 6a, on Microsoft Windows NT Server 4.0 Terminal Service Edition Service Pack 6, on Microsoft Windows 98, on Microsoft Windows 98 SE, or on Microsoft Windows Me
http://www.microsoft.com/downloads/details.aspx?FamilyId=DE8D94C4-7F58-4CE7-B8BD-51CFD795B03E&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=DE8D94C4-7F58-4CE7-B8BD-51CFD795B03E&displaylang=en
Internet Explorer 6 for Windows XP Service Pack 1 (64-Bit Edition)
http://www.microsoft.com/downloads/details.aspx?FamilyId=C05103E8-4402-4D54-BA03-FBBC24142E4D&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=C05103E8-4402-4D54-BA03-FBBC24142E4D&displaylang=en
Internet Explorer 6 for Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=19E69E5F-9C98-49AD-A61F-4F82A4014412&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=19E69E5F-9C98-49AD-A61F-4F82A4014412&displaylang=en
Internet Explorer 6 for Windows Server 2003 64-Bit Edition and Windows XP 64-Bit Edition Version 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=566C2A05-2513-4E30-A3EA-87D4BF7F9730&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=566C2A05-2513-4E30-A3EA-87D4BF7F9730&displaylang=en
Internet Explorer 6 for Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=CF47B515-3F51-43E1-9246-2C2264C49E2E&displaylang=en" target="_blank">
http://www.microsoft.com/downloads/details.aspx?FamilyId=CF47B515-3F51-43E1-9246-2C2264C49E2E&displaylang=en
参考网址
来源:XF
链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/17044
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1563
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3773
来源:CERT
链接:http://www.us-cert.gov/cas/techalerts/TA04-293A.HTML
来源:CERT-VN
链接:http://www.kb.cert.org/vuls/id/526089
来源:BID
链接:https://www.securityfocus.com/bid/10973
来源:BID
链接:http://www.securityfocus.com/bid/10973
来源:BUGTRAQ
链接:http://marc.info/?l=bugtraq&m=109303291513335&w=2
来源:FULLDISC
链接:http://seclists.org/lists/fulldisclosure/2004/Aug/0868.HTML
来源:MS
链接:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6272
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2073
来源:BUGTRAQ
链接:http://marc.info/?l=bugtraq&m=109336221826652&w=2
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4152
来源:OVAL
链接:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7721
受影响实体
- Nortel Ip_softphone_2050
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论