CVE-2004-2291
Description
Internet Explorer 5.5/6.0 allows remote code execution via a crafted HTML page using Shell Helper objects and a shortcut.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Microsoft Windows Internet Explorer versions 5.5 and 6.0 are vulnerable to remote code execution. This vulnerability is triggered by an embedded script within an HTML document that leverages Shell Helper objects and a shortcut (link) to execute arbitrary code.
Exploitation
An attacker can host a malicious HTML file on a web server. When a user visits this page using a vulnerable version of Internet Explorer, the embedded script will attempt to execute arbitrary code. The exploit involves using `showModalDialog` to redirect to a `vbscript` URI, which then loads another script that ultimately uses an `ActiveXObject("Shell.Application")` to execute commands like `cmd.exe` [1].
Impact
Successful exploitation allows a remote attacker to execute arbitrary code on the victim's machine with the privileges of the logged-in user. This could lead to a full compromise of the user's session and potentially the system.
Mitigation
There is no specific mitigation or patch information readily available in the provided references for this vulnerability. Users are advised to upgrade to a non-vulnerable version of Internet Explorer or a different web browser. This vulnerability is listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on Jun 6, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- (no CPE) range: 5.5, 6.0
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"The vulnerability stems from the use of Shell Helper objects in Internet Explorer, allowing script execution via shortcut objects."
Attack vector
A remote attacker can craft an HTML page containing embedded JavaScript that leverages Shell Helper objects and a shortcut (link) to execute arbitrary code. The exploit uses `showModalDialog` to open a modal window, which then redirects to a page that loads a script. This script, in turn, uses an `ActiveXObject("Shell.Application")` to execute commands on the target system [1].
Affected code
The vulnerability is related to the handling of Shell Helper objects and script execution within Microsoft Internet Explorer versions 5.5 and 6.0. The exploit code demonstrates the use of `ActiveXObject("Shell.Application")` to achieve code execution [1].
What the fix does
The advisory does not specify a patch or provide details on how the vulnerability is fixed. Remediation guidance typically involves disabling ActiveX controls or updating to a patched version of Internet Explorer, though no specific patch is referenced in the provided materials.
Preconditions
- Input: The user must visit a malicious HTML page.
- Config: Internet Explorer must have ActiveX controls enabled.
Reproduction
The provided exploit code includes HTML, JavaScript, and JSP files that can be used to reproduce the vulnerability. The attacker would host these files on a web server, and the victim would need to access the main HTML file through a vulnerable version of Internet Explorer [1].
Generated on Jun 6, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- [1] www.securityfocus.com/archive/1/348688 (NVD: Exploit, Vendor Advisory)
- [2] www.securityfocus.com/bid/9335 (NVD: Exploit)