7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.0%
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, aka the “Function Pointer Override Cross Domain” vulnerability.
marc.info/?l=bugtraq&m=106321757619047&w=2
marc.info/?l=bugtraq&m=106322542104656&w=2
secunia.com/advisories/10192
securitytracker.com/id?1007687
www.ciac.org/ciac/bulletins/o-021.shtml
www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2003-09/0150.html
www.osvdb.org/7888
www.osvdb.org/7889
www.safecenter.net/UMBRELLAWEBV4/Linkiller/Linkiller-Content.HTM
www.safecenter.net/UMBRELLAWEBV4/LinkillerJPU/LinkillerJPU-Content.HTM
www.safecenter.net/UMBRELLAWEBV4/LinkillerSaveRef/LinkillerSaveRef-Content.HTM
www.securityfocus.com/archive/1/337086
www.securityfocus.com/bid/9014
docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-048
exchange.xforce.ibmcloud.com/vulnerabilities/13676
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A351
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A352
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A353
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A356
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A357
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A359
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A472