VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Aug 6, 2004· Updated Apr 16, 2026

CVE-2004-0526

CVE-2004-0526

Description

Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.

Affected products

32
  • Microsoft/Ie
    cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
  • Microsoft/Internet Explorer10 versions
    cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
  • Microsoft/Outlook11 versions
    cpe:2.3:a:microsoft:outlook:2000:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:microsoft:outlook:2000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:2000:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:2000:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:2000:sr1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:2002:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:2002:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:2002:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:97:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:98:*:*:*:*:*:*:*
  • Microsoft/Outlook Express10 versions
    cpe:2.3:a:microsoft:outlook_express:4.0:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:microsoft:outlook_express:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook_express:4.01:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook_express:4.27.3110:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook_express:4.72.2106:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook_express:4.72.3120.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook_express:4.72.3612:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook_express:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook_express:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook_express:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook_express:6.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.