Moderate

CVE-2003-0116 - Unspecified vulnerability in Microsoft Internet Explorer

Publication: 2003-05-12
Summary

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution."

Risk level (CVSS 5)

Moderate

5.0

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0