CVE-2004-0380 — AI Deep Analysis Summary

🚨 **Essence**: IE's MS-ITS protocol handler is flawed. 📉 **Consequences**: Attackers trick users into visiting malicious pages.…

🛡️ **Root Cause**: Improper handling of the **MS-ITS InfoTech Protocol** URI. 🐛 **Flaw**: The browser incorrectly redirects to non-existent MHTML files, tricking the security engine.…

👥 **Affected**: **Microsoft Internet Explorer**. 📅 **Context**: Vulnerability published in **April 2004**. 🖥️ **Scope**: All versions of IE susceptible to this specific MS-ITS protocol bypass at the time.…

🕵️ **Hackers' Power**: Execute **malicious code** remotely. 🔓 **Privileges**: Gains **System/Local Computer permissions**. 📂 **Data Access**: Can access local files, run CHM/HTML content as trusted local apps.…

⚠️ **Threshold**: **Medium**. 🖱️ **Requirement**: User interaction needed (must visit malicious page). 🔑 **Auth**: No authentication bypass needed, but relies on **Social Engineering** (tricking the user).…

📜 **Public Exp?**: Yes. 📚 **References**: SecurityFocus BID **9658** and **9105** listed. 🔍 **PoC**: Described as constructing a malicious page using MS-ITS protocol to redirect to local resources.…

🔍 **Self-Check**: Scan for usage of **MS-ITS://** protocol in URLs. 📄 **Indicator**: Look for redirects to non-existent MHTML files or local CHM files via IE.…

🩹 **Fixed?**: Yes. 📅 **Date**: Patched around **April 6, 2004**. 🔄 **Action**: Microsoft released security updates to fix the MS-ITS protocol handling.…

🚧 **No Patch?**: Disable **MS-ITS protocol** support if possible. 🚫 **Mitigation**: Restrict IE security settings to **High**. 🛑 **Block**: Prevent access to untrusted sites.…

🔥 **Urgency**: **High** (Historically). 📉 **Current**: **Low** (Legacy). ⚠️ **Priority**: Critical for systems still running IE in 2004.…