CVE-2004-0841

CVE Database · CVE-2004-0841

CVE-2004-0841

· N/AModified

CVSS v3.1

N/A

EPSS

48.73%

Published

Dec 23, 2004

Modified

Apr 15, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Internet Explorer 5.0.1 - Popup.show Mouse Event Hijacking TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."

Affected Products (16)

avaya · ip600_media_serversvulnerable

microsoft · ievulnerable

microsoft · internet_explorervulnerable

References (20)

http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0498.html

http://secunia.com/advisories/12048

http://securitytracker.com/id?1010679

http://www.kb.cert.org/vuls/id/413886

US Government Resource

http://www.osvdb.org/7774

http://www.securityfocus.com/archive/1/368652

ExploitPatchVendor Advisory

http://www.securityfocus.com/archive/1/368666

http://www.securityfocus.com/bid/10690

ExploitPatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs