Lucene search

[email protected]CVE-2003-0115

HistoryMay 12, 2003 - 4:00 a.m.

CVE-2003-0115

2003-05-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0115

microsoft internet explorer

third party rendering

remote code execution

web script

vulnerability

7.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.9%

JSON

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the “Third Party Plugin Rendering” vulnerability, a different vulnerability than CVE-2003-0233.

CPENameOperatorVersion
microsoft:iemicrosoft ieeq6.0
microsoft:internet_explorermicrosoft internet explorereq5.5
microsoft:internet_explorermicrosoft internet explorereq5.0.1
microsoft:internet_explorermicrosoft internet explorereq6.0

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	6.0
microsoft:internet_explorer	microsoft internet explorer	eq	5.5
microsoft:internet_explorer	microsoft internet explorer	eq	5.0.1
microsoft:internet_explorer	microsoft internet explorer	eq	6.0

References

www.iss.net/security_center/static/11848.php

docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-015

7.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.9%

JSON

Related for CVE-2003-0115

cve1 openvas2