Vulnerabilities > CVE-2003-1048 - Double Free vulnerability in Microsoft products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 | |
| OS | 9 |
Common Weakness Enumeration (CWE)
Oval
accepted 2014-02-24T04:00:24.154-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. family windows id oval:org.mitre.oval:def:1793 status accepted submitted 2004-07-30T04:00:00.000-04:00 title IE v6.0 Malformed GIF Image Double-free Vulnerability version 67 accepted 2014-02-24T04:00:28.945-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. family windows id oval:org.mitre.oval:def:206 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v5.01,SP2 Malformed GIF Image Double-free Vulnerability version 67 accepted 2014-02-24T04:00:42.119-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. family windows id oval:org.mitre.oval:def:2100 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v5.5,SP2 Malformed GIF Image Double-free Vulnerability version 66 accepted 2014-02-24T04:00:56.999-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. family windows id oval:org.mitre.oval:def:212 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v5.01,SP3 Malformed GIF Image Double-free Vulnerability version 67 accepted 2014-02-24T04:03:12.485-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description e (application crash) via a malformed GIF image. family windows id oval:org.mitre.oval:def:236 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v6.0,SP1 Malformed GIF Image Double-free Vulnerability version 68 accepted 2014-02-24T04:03:21.111-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. family windows id oval:org.mitre.oval:def:509 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v5.01,SP4 Malformed GIF Image Double-free Vulnerability version 68 accepted 2014-02-24T04:03:21.542-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Harvey Rubinovitz organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. family windows id oval:org.mitre.oval:def:517 status accepted submitted 2004-07-30T12:00:00.000-04:00 title IE v6.0,SP1 (Server 2003) Malformed GIF Image Double-free Vulnerability version 69
References
- http://www.securityfocus.com/bid/8530
- http://www.kb.cert.org/vuls/id/685364
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009445.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009473.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009506.html
- http://www.us-cert.gov/cas/techalerts/TA04-212A.html
- http://www.ciac.org/ciac/bulletins/o-191.shtml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16804
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A517
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A509
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A236
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A212
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2100
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A206
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1793
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-025