Vulnerabilities > CVE-2003-0817 - Unspecified vulnerability in Microsoft IE and Internet Explorer

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
microsoft
NVD
Published: 2004-02-03
Updated: 2021-07-23

Summary

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.

Vulnerable Configurations

Part Description Count
Application
Microsoft
9

Oval

  • accepted2014-02-24T04:03:21.028-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
    familywindows
    idoval:org.mitre.oval:def:508
    statusaccepted
    submitted2003-11-12T12:00:00.000-04:00
    titleIE v5.01,SP2 Zone Restrictions Bypass via XML Vulnerability
    version67
  • accepted2014-02-24T04:03:21.669-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
    familywindows
    idoval:org.mitre.oval:def:520
    statusaccepted
    submitted2003-11-12T12:00:00.000-04:00
    titleIE v5.01,SP3 Zone Restrictions Bypass via XML Vulnerability
    version67
  • accepted2014-02-24T04:03:22.619-05:00
    classvulnerability
    contributors
    • nameTiffany Bergeron
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
    familywindows
    idoval:org.mitre.oval:def:543
    statusaccepted
    submitted2003-11-12T05:00:00.000-04:00
    titleIE v6.0 (XP) Zone Restrictions Bypass via XML Vulnerability
    version67
  • accepted2014-02-24T04:03:22.682-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
    familywindows
    idoval:org.mitre.oval:def:548
    statusaccepted
    submitted2003-11-12T12:00:00.000-04:00
    titleIE v5.01,SP4 Zone Restrictions Bypass via XML Vulnerability
    version67
  • accepted2014-02-24T04:03:23.104-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
    familywindows
    idoval:org.mitre.oval:def:549
    statusaccepted
    submitted2003-11-12T12:00:00.000-04:00
    titleIE v5.5,SP2 Zone Restrictions Bypass via XML Vulnerability
    version66
  • accepted2014-02-24T04:03:23.353-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
    familywindows
    idoval:org.mitre.oval:def:556
    statusaccepted
    submitted2003-11-12T12:00:00.000-04:00
    titleIE v6.0,SP1 Zone Restrictions Bypass via XML Vulnerability
    version67
  • accepted2014-02-24T04:03:23.677-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionInternet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object.
    familywindows
    idoval:org.mitre.oval:def:566
    statusaccepted
    submitted2003-11-12T12:00:00.000-04:00
    titleIE v6.0,SP1 (Server 2003) Zone Restrictions Bypass via XML Vulnerability
    version68

References