Lucene search

[email protected]NVD:CVE-2003-0446

HistoryJul 24, 2003 - 4:00 a.m.

CVE-2003-0446

2003-07-2404:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.1

Confidence

High

EPSS

0.022

Percentile

89.4%

JSON

Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message.

Affected configurations

Nvd

Node

microsoftinternet_explorerMatch5.5

microsoftinternet_explorerMatch6.0

VendorProductVersionCPE
microsoftinternet_explorer5.5cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
microsoftinternet_explorer6.0cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	internet_explorer	5.5	cpe:2.3:a:microsoft:internet_explorer:5.5:::::::*
microsoft	internet_explorer	6.0	cpe:2.3:a:microsoft:internet_explorer:6.0:::::::*

References

archives.neohapsis.com/archives/bugtraq/2003-06/0120.html

lists.grok.org.uk/pipermail/full-disclosure/2003-June/005762.html

marc.info/?l=bugtraq&m=105585986015421&w=2

marc.info/?l=bugtraq&m=105595990924165&w=2

marc.info/?l=ntbugtraq&m=105585001905002&w=2

secunia.com/advisories/9055

security.greymagic.com/adv/gm013-ie/

www.osvdb.org/3065

www.securityfocus.com/bid/7938

exchange.xforce.ibmcloud.com/vulnerabilities/12334

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.1

Confidence

High

EPSS

0.022

Percentile

89.4%

JSON

Related for NVD:CVE-2003-0446

cvelist1 cve1 exploitdb1