CVE-2004-0841

EXPLOITED

Internet Explorer 6.x - RCE

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2004-0841 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Paul.

AI-analyzed exploit summary This is a writeup describing a mouse event hijacking vulnerability in Microsoft Internet Explorer. It includes a proof-of-concept snippet demonstrating how a malicious webpage could trick users into performing unintended actions, such as approving dialogs.

Description

Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."

Exploits (1)

exploitdb WRITEUP VERIFIED
by Paul · textremotewindows
https://www.exploit-db.com/exploits/24266

This is a writeup describing a mouse event hijacking vulnerability in Microsoft Internet Explorer. It includes a proof-of-concept snippet demonstrating how a malicious webpage could trick users into performing unintended actions, such as approving dialogs.

Classification
Writeup 80%
Attack Type
Other
Complexity
Moderate
Reliability
Theoretical
Target: Microsoft Internet Explorer (versions affected by CVE-2004-0841)
No auth needed
Prerequisites: User interaction (clicking on a malicious element)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (17)

Core 17
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/413886
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1010679
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2611
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8077
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/12048
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16675
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA04-293A.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4363
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10690
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/7774
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5620
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6031
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/368652
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6048
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/368666
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0498.html

Scores

EPSS 0.5237
EPSS Percentile 98.0%

Details

VulnCheck KEV 2004-11-09
Status published
Products (10)
avaya/definity_one_media_server
avaya/ip600_media_servers
avaya/modular_messaging_message_storage_server 1.1
avaya/modular_messaging_message_storage_server 2.0
avaya/s3400
avaya/s8100
microsoft/ie 6.0 sp1
microsoft/internet_explorer 5.0.1 (5 CPE variants)
microsoft/internet_explorer 5.5 (3 CPE variants)
microsoft/internet_explorer 6.0
Published Dec 23, 2004
Tracked Since Feb 18, 2026