Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2003-1025

Published: 20/01/2004 Updated: 23/07/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 445
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Internet Explorer 5.01 through 6 SP1 allows remote malicious users to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet explorer 6.0

Exploits

Exploit DB: Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (2)
source: wwwsecurityfocuscom/bid/9182/info A weakness has been reported in multiple browsers that may allow attackers to obfuscate the URI for a visited page The problem is said to occur when a URI designed to pass access a specific location with a supplied username, contains a hexadecimal 1 value prior to the @ symbol An attacker cou ...
Exploit DB: Opera Browser 6.0 6 - URI Display Obfuscation
source: wwwsecurityfocuscom/bid/9281/info A weakness has been reported in Opera that may allow attackers to obfuscate the URI for a visited page The problem is said to occur when a URI that is designed to access a specific location with a supplied username, contains a specially crafted sequence of characters These characters will be int ...
Exploit DB: Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (1)
source: wwwsecurityfocuscom/bid/9182/info A weakness has been reported in multiple browsers that may allow attackers to obfuscate the URI for a visited page The problem is said to occur when a URI designed to pass access a specific location with a supplied username, contains a hexadecimal 1 value prior to the @ symbol An attacker could ...

References

CWE-20http://www.securityfocus.com/archive/1/346948http://www.zapthedingbat.com/security/ex01/vun1.htmhttp://www.kb.cert.org/vuls/id/652278http://www.us-cert.gov/cas/techalerts/TA04-033A.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/13935https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A526https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A513https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A512https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A511https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A510https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A491https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A490https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-004https://nvd.nist.govhttps://www.exploit-db.com/exploits/23423/https://www.kb.cert.org/vuls/id/652278
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310CVE-2024-21683CVE-2024-22187chromedeserializationXPath injectionCVE-2024-27842denial of serviceCVE-2024-24851googleCVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook