Vulnerabilities > CVE-2003-1326 - Unspecified vulnerability in Microsoft IE and Internet Explorer
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
Oval
accepted 2014-02-24T04:00:11.754-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." family windows id oval:org.mitre.oval:def:126 status accepted submitted 2004-01-27T05:00:00.000-04:00 title IE v6.0 Improper Cross Domain Security Validation with Dialog Box version 66 accepted 2014-02-24T04:00:23.739-05:00 class vulnerability contributors name Andrew Buttner organization The MITRE Corporation name Maria Mikhno organization ALTX-SOFT
description Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." family windows id oval:org.mitre.oval:def:178 status accepted submitted 2004-01-27T12:00:00.000-04:00 title IE v5.5 Improper Cross Domain Security Validation with Dialog Box version 66 accepted 2014-02-24T04:03:20.061-05:00 class vulnerability contributors name David Proulx organization The MITRE Corporation name Robert L. Hollis organization ThreatGuard, Inc. name Robert L. Hollis organization ThreatGuard, Inc. name Robert L. Hollis organization ThreatGuard, Inc. name Robert L. Hollis organization ThreatGuard, Inc. name Robert L. Hollis organization ThreatGuard, Inc. name Robert L. Hollis organization ThreatGuard, Inc. name Robert L. Hollis organization ThreatGuard, Inc. name Robert L. Hollis organization ThreatGuard, Inc. name Robert L. Hollis organization ThreatGuard, Inc. name Maria Mikhno organization ALTX-SOFT
description Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." family windows id oval:org.mitre.oval:def:49 status accepted submitted 2003-11-12T12:00:00.000-04:00 title IE v5.01 Improper Cross Domain Security Validation with Dialog Box version 66
References
- http://www.iss.net/security_center/static/11258.php
- http://www.ciac.org/ciac/bulletins/n-038.shtml
- http://www.securityfocus.com/bid/6779
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A49
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A178
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A126
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-004