Vulnerabilities > CVE-2003-1048 - Double Free vulnerability in Microsoft products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
microsoft
CWE-415

Summary

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

Common Weakness Enumeration (CWE)

Oval

  • accepted2014-02-24T04:00:24.154-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionDouble free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
    familywindows
    idoval:org.mitre.oval:def:1793
    statusaccepted
    submitted2004-07-30T04:00:00.000-04:00
    titleIE v6.0 Malformed GIF Image Double-free Vulnerability
    version67
  • accepted2014-02-24T04:00:28.945-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionDouble free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
    familywindows
    idoval:org.mitre.oval:def:206
    statusaccepted
    submitted2004-07-30T12:00:00.000-04:00
    titleIE v5.01,SP2 Malformed GIF Image Double-free Vulnerability
    version67
  • accepted2014-02-24T04:00:42.119-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionDouble free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
    familywindows
    idoval:org.mitre.oval:def:2100
    statusaccepted
    submitted2004-07-30T12:00:00.000-04:00
    titleIE v5.5,SP2 Malformed GIF Image Double-free Vulnerability
    version66
  • accepted2014-02-24T04:00:56.999-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionDouble free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
    familywindows
    idoval:org.mitre.oval:def:212
    statusaccepted
    submitted2004-07-30T12:00:00.000-04:00
    titleIE v5.01,SP3 Malformed GIF Image Double-free Vulnerability
    version67
  • accepted2014-02-24T04:03:12.485-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptione (application crash) via a malformed GIF image.
    familywindows
    idoval:org.mitre.oval:def:236
    statusaccepted
    submitted2004-07-30T12:00:00.000-04:00
    titleIE v6.0,SP1 Malformed GIF Image Double-free Vulnerability
    version68
  • accepted2014-02-24T04:03:21.111-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionDouble free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
    familywindows
    idoval:org.mitre.oval:def:509
    statusaccepted
    submitted2004-07-30T12:00:00.000-04:00
    titleIE v5.01,SP4 Malformed GIF Image Double-free Vulnerability
    version68
  • accepted2014-02-24T04:03:21.542-05:00
    classvulnerability
    contributors
    • nameAndrew Buttner
      organizationThe MITRE Corporation
    • nameHarvey Rubinovitz
      organizationThe MITRE Corporation
    • nameChristine Walzer
      organizationThe MITRE Corporation
    • nameRobert L. Hollis
      organizationThreatGuard, Inc.
    • nameMaria Mikhno
      organizationALTX-SOFT
    descriptionDouble free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
    familywindows
    idoval:org.mitre.oval:def:517
    statusaccepted
    submitted2004-07-30T12:00:00.000-04:00
    titleIE v6.0,SP1 (Server 2003) Malformed GIF Image Double-free Vulnerability
    version69

References