Microsoft Windows HTML Help Control Cross-Zone Scripting Vulnerability

Bugtraq ID: 11467
Class: Access Validation Error
CVE: CVE-2004-1043
Remote: Yes
Local: No
Published: Oct 20 2004 12:00AM
Updated: Jul 12 2009 08:06AM
Credit: Discovery is credited to http-equiv.
Vulnerable: Nortel Networks Symposium Web Client
Nortel Networks Symposium Web Center Portal (SWCP)
Nortel Networks SL100 Corporate Directory
Nortel Networks Periphonics
Nortel Networks Optivity Telephony Manager for SL-100
Nortel Networks Optivity Telephony Manager (OTM)
Nortel Networks Optivity Switch Manager (OSM)
Nortel Networks Optivity Network Management System
Nortel Networks Optivity Network Configuration System (NCS)
Nortel Networks Optivity NetID
Nortel Networks Network Configuration Manager for BCM
Nortel Networks Mobile Voice Client 2050
Nortel Networks Meridian SL-100
Nortel Networks MCS 5200 3.0
Nortel Networks MCS 5100 3.0
Nortel Networks IP softphone 2050
Nortel Networks CPL (Craft Photonic Layer) Web client (IE)
Nortel Networks Contivity VPN Client 5.0 1_030
Nortel Networks Contivity VPN Client 4.91
Nortel Networks Contivity VPN Client 4.86
Nortel Networks Contivity VPN Client 4.15
Nortel Networks Contivity Configuration Manager
Nortel Networks CallPilot 703t
Nortel Networks CallPilot 201i
Nortel Networks CallPilot 1002rp
Nortel Networks Call Center Management Information System (CCMIS)
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Tablet PC Edition SP1
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Professional SP2
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Home SP2
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows XP 64-bit Edition Version 2003 SP1
Microsoft Windows XP 64-bit Edition Version 2003
Microsoft Windows XP 64-bit Edition SP1
Microsoft Windows XP 64-bit Edition
Microsoft Windows Server 2003 Web Edition SP1 Beta 1
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard Edition SP1 Beta 1
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Enterprise Edition Itanium SP1 Beta 1
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
Microsoft Windows Server 2003 Enterprise Edition SP1 Beta 1
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter Edition Itanium SP1 Beta 1
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
Microsoft Windows Server 2003 Datacenter Edition SP1 Beta 1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows ME
Microsoft Windows 98SE
Microsoft Windows 98
Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Datacenter Server SP3
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Advanced Server SP4
Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server
Microsoft Internet Explorer 6.0 SP2 - do not use
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus