Vulnerabilities > CVE-2003-0447 - Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
exploit available
Summary
The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | Microsoft Internet Explorer 5 Custom HTTP Error HTML Injection Vulnerability. CVE-2003-0447 . Remote exploit for windows platform |
| id | EDB-ID:22784 |
| last seen | 2016-02-02 |
| modified | 2003-06-17 |
| published | 2003-06-17 |
| reporter | GreyMagic Software |
| source | https://www.exploit-db.com/download/22784/ |
| title | Microsoft Internet Explorer 5 Custom HTTP Error HTML Injection Vulnerability |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005763.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005763.html
- http://marc.info/?l=bugtraq&m=105585933614773&w=2
- http://marc.info/?l=bugtraq&m=105585933614773&w=2
- http://marc.info/?l=ntbugtraq&m=105585142406147&w=2
- http://marc.info/?l=ntbugtraq&m=105585142406147&w=2
- http://security.greymagic.com/adv/gm014-ie/
- http://security.greymagic.com/adv/gm014-ie/