Описание
The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality."
The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-1328
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-004
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A57
- http://archives.neohapsis.com/archives/bugtraq/2003-02/0083.html
- http://www.ciac.org/ciac/bulletins/n-038.shtml
- http://www.iss.net/security_center/static/11259.php
- http://www.kb.cert.org/vuls/id/400577
- http://www.securityfocus.com/bid/6780
EPSS
CVE ID
Связанные уязвимости
The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality."
EPSS