{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-10-12T00:00:00", "descriptions": [{"lang": "en", "value": "Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the \"Address Bar Spoofing on Double Byte Character Set Systems Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ie-dbcs-obtain-information(17652)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17652"}, {"name": "oval:org.mitre.oval:def:2448", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2448"}, {"name": "oval:org.mitre.oval:def:8127", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8127"}, {"name": "MS04-038", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038"}, {"name": "TA04-293A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA04-293A.html"}, {"name": "ie-ms04038-patch(17651)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17651"}, {"name": "20041128 Address Bar Spoofing on Double Byte Character Set Locale Vulnerability (CAN-2004-0844) Patched in MS04-038", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ"], "url": "http://marc.info/?l=ntbugtraq&m=110174346717733&w=2"}, {"name": "20041128 Address Bar Spoofing on Double Byte Character Set Locale Vulnerability (CAN-2004-0844) Patched in MS04-038", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=110178042025729&w=2"}, {"name": "VU#431576", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/431576"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0844", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the \"Address Bar Spoofing on Double Byte Character Set Systems Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ie-dbcs-obtain-information(17652)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17652"}, {"name": "oval:org.mitre.oval:def:2448", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2448"}, {"name": "oval:org.mitre.oval:def:8127", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8127"}, {"name": "MS04-038", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038"}, {"name": "TA04-293A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-293A.html"}, {"name": "ie-ms04038-patch(17651)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17651"}, {"name": "20041128 Address Bar Spoofing on Double Byte Character Set Locale Vulnerability (CAN-2004-0844) Patched in MS04-038", "refsource": "NTBUGTRAQ", "url": "http://marc.info/?l=ntbugtraq&m=110174346717733&w=2"}, {"name": "20041128 Address Bar Spoofing on Double Byte Character Set Locale Vulnerability (CAN-2004-0844) Patched in MS04-038", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=110178042025729&w=2"}, {"name": "VU#431576", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/431576"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0844", "datePublished": "2004-10-16T04:00:00", "dateReserved": "2004-09-08T00:00:00", "dateUpdated": "2018-10-12T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*", "matchCriteriaId": "B80088A3-2AA4-44A2-98DF-359E15F8E18B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the \"Address Bar Spoofing on Double Byte Character Set Systems Vulnerability.\""}, {"lang": "es", "value": "Internet Explorer 6 en sistemas de Juego de Caract\u00e9res de Byte Doble (BDCS) permite a atacantes remotos alterar la barra de direcciones mostrada y suplantar p\u00e1ginas web mediante una URL conteniendo caracteres especiales, lo que facilita ataques de phising, tambi\u00e9n llamada \"Vulnerabilidad de suplantaci\u00f3n de barra de direcciones en sistemas con juegos de caract\u00e9res de doble byte\""}], "id": "CVE-2004-0844", "lastModified": "2018-10-12T21:35:18.983", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-11-03T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=110178042025729&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=ntbugtraq&m=110174346717733&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/431576"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA04-293A.html"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17651"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17652"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2448"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8127"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}