CVE-2004-0727
HIGHEPSS 98th pctlDescription
Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability."
CVSS v2 Vector
No CVSS vector data available.
Exploit Intelligence
Very high risk: more likely to be exploited than 98% of all known CVEs.
References
- http://freehost07.websamba.com/greyhats/similarmethodnameredir.htm
- http://marc.info/?l=bugtraq&m=108966512815373&w=2
- http://secunia.com/advisories/12048
- http://www.kb.cert.org/vuls/id/207264
- http://www.us-cert.gov/cas/techalerts/TA04-293A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16681
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4702
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6829
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7084
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7448
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7496
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7906
Find and fix vulnerabilities across your fleet
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start freeThis product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-04-16.