Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2003-0532
HistoryAug 27, 2003 - 4:00 a.m.

CVE-2003-0532

2003-08-2704:00:00
mitre
web.nvd.nist.gov
37
cve-2003-0532
internet explorer
object type
vulnerability
web servers
remote code execution
content-type

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

High

EPSS

0.286

Percentile

96.9%

JSON

Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the “Object Type” vulnerability.

Affected configurations

Nvd
Node
microsoftieMatch6.0sp1
OR
microsoftinternet_explorerMatch5.0.1
OR
microsoftinternet_explorerMatch5.0.1sp1
OR
microsoftinternet_explorerMatch5.0.1sp2
OR
microsoftinternet_explorerMatch5.0.1sp3
OR
microsoftinternet_explorerMatch5.5
OR
microsoftinternet_explorerMatch5.5sp1
OR
microsoftinternet_explorerMatch5.5sp2
OR
microsoftinternet_explorerMatch6.0
VendorProductVersionCPE
microsoftie6.0cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
microsoftinternet_explorer5.0.1cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
microsoftinternet_explorer5.0.1cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
microsoftinternet_explorer5.0.1cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
microsoftinternet_explorer5.0.1cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
microsoftinternet_explorer5.5cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
microsoftinternet_explorer5.5cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
microsoftinternet_explorer5.5cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
microsoftinternet_explorer6.0cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*

Related

cvelist 2
nvd 2
cve 1
securityvulns 1
cert 1
cvelist
cvelist
CVE-2003-0532
2003-08-22 04:00:00
CVE-2003-0838
2003-10-07 04:00:00
nvd
nvd
CVE-2003-0532
2003-08-27 04:00:00
CVE-2003-0838
2003-11-17 05:00:00
cve
cve
CVE-2003-0838
2003-11-17 05:00:00
securityvulns
securityvulns
CERT Advisory CA-2003-22 Multiple Vulnerabilities in Microsoft Internet Explorer
2003-08-27 00:00:00
cert
cert
Microsoft Internet Explorer does not properly evaluate "application/hta" MIME type referenced by DATA attribute of OBJECT element
2003-08-25 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

High

EPSS

0.286

Percentile

96.9%

JSON
Related for CVE-2003-0532
cvelist2nvd2cve1securityvulns1cert1