CVE-2003-0815

Опубликовано: 03 фев. 2004

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, aka the "Function Pointer Override Cross Domain" vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.17013

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-x5h5-m6w2-8cgv

github

больше 3 лет назад