CVE-2004-2291

Microsoft Windows Internet Explorer <6.0 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2291. PoCs published by Jelmer.

AI-analyzed exploit summary This exploit leverages a vulnerability in Internet Explorer (CVE-2004-2291) to execute arbitrary code via a crafted HTML page with JavaScript and VBScript injection. It uses modal dialogs and iframes to bypass security restrictions and execute a shell command.

Description

Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jelmer · textremotewindows

https://www.exploit-db.com/exploits/310

View Code ZIP pw:eip

This exploit leverages a vulnerability in Internet Explorer (CVE-2004-2291) to execute arbitrary code via a crafted HTML page with JavaScript and VBScript injection. It uses modal dialogs and iframes to bypass security restrictions and execute a shell command.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Internet Explorer (versions prior to the fix for CVE-2004-2291)

No auth needed

Prerequisites: Victim must visit a malicious webpage using a vulnerable version of Internet Explorer

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/9335

Exploit, Vendor Advisory mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/348688

Scores

EPSS 0.1088

EPSS Percentile 95.3%

Details

Status published

Products (3)

microsoft/ie 6.0 sp1

microsoft/internet_explorer 5.5 (4 CPE variants)

microsoft/internet_explorer 6.0

Published Dec 31, 2004

Tracked Since Feb 18, 2026