CVE-2004-2383

Microsoft Internet Explorer <6.0 - CSRF

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2383. PoCs published by iDefense.

AI-analyzed exploit summary This exploit demonstrates a cross-frame scripting restriction bypass in Microsoft Internet Explorer, allowing keystroke capture from a foreign domain via event leakage in framesets.

Description

Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and capture keyboard events from other domains via an HTML document with Javascript that is outside a frameset that includes the target domain, then forcing the frameset to maintain focus. NOTE: the discloser claimed that the vendor does not categorize this as a vulnerability, but it can be used in a spoofing scenario; the discloser provides alternate scenarios. Spoofing scenarios are currently included in CVE.

Exploits (1)

exploitdb WORKING POC VERIFIED
by iDefense · htmlremotewindows
https://www.exploit-db.com/exploits/23766

This exploit demonstrates a cross-frame scripting restriction bypass in Microsoft Internet Explorer, allowing keystroke capture from a foreign domain via event leakage in framesets.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Internet Explorer (versions affected by CVE-2004-2383)
No auth needed
Prerequisites: Victim must visit a malicious webpage using a vulnerable version of Internet Explorer
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9761
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15337

Scores

EPSS 0.1997
EPSS Percentile 97.1%

Details

Status published
Products (3)
microsoft/ie 6.0 sp1
microsoft/internet_explorer 5.5 (3 CPE variants)
microsoft/internet_explorer 6.0
Published Dec 31, 2004
Tracked Since Feb 18, 2026