Published: 24/07/2003 Updated: 23/07/2021

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 515

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote malicious users to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 5.01
microsoft internet explorer 5.5
microsoft internet explorer 6.0

source: wwwsecurityfocuscom/bid/7939/info An issue has been reported for Microsoft Internet Explorer that may result in HTML injection attacks The vulnerability exists when IE is used to display custom HTTP error messages also known as "Friendly HTTP error messages" Due to some errors when extracting URLs from the custom error pages, i ...

NVD-CWE-Other http://security.greymagic.com/adv/gm014-ie/http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005763.html http://marc.info/?l=bugtraq&m=105585933614773&w=2 http://marc.info/?l=ntbugtraq&m=105585142406147&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/22784/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0447

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect