CVE-2004-0979

medium Microsoft
CVSS v3 Base Score
4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
3.2%
Exploitation probability in 30 days
Top 13% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: December 31, 2004 (7804 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Internet Explorer on Windows XP does not properly modify the "Drag and Drop or copy and paste files" setting when the user sets it to "Disable" or "Prompt," which may enable security-sensitive operations that are inconsistent with the user's intended configuration.

CWE

NVD-CWE-Other

Affected Products

microsoft iemicrosoft internet explorermicrosoft windows xp

References

🔗 www.kb.cert.org 🔗 www.us-cert.gov 🔗 docs.microsoft.com 🔗 exchange.xforce.ibmcloud.com 🔗 www.kb.cert.org