High

CVE-2003-0115 - Unspecified vulnerability in Microsoft Internet Explorer

Publication: 2003-05-12
Summary

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233.

Risk level (CVSS 7.5)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0