Vulnerability Description
Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Ie | 6.0 |
| Microsoft | Internet Explorer | 6.0 |
| Microsoft | Windows Xp | All versions |
References
- http://www.kb.cert.org/vuls/id/630720Third Party AdvisoryUS Government Resource
- http://www.us-cert.gov/cas/techalerts/TA04-293A.htmlUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-03
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17820
- http://www.kb.cert.org/vuls/id/630720Third Party AdvisoryUS Government Resource
- http://www.us-cert.gov/cas/techalerts/TA04-293A.htmlUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-03
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17820
FAQ
What is CVE-2004-0979?
CVE-2004-0979 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operati...
How severe is CVE-2004-0979?
CVE-2004-0979 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0979?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Ie, Microsoft Internet Explorer, Microsoft Windows Xp.