CVE-2003-0116 — Microsoft IE vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

27.6%

top 3.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE Microsoft Internet Explorer

Timeline

PublishedMay 12

Latest updateApr 29

Description

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution."

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2

▶NVDmicrosoft/ie6.0

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-jx57-4j83-7ghw: Microsoft Internet Explorer 5↗2022-04-29

▶

CVEList

CVE-2003-0116: Microsoft Internet Explorer 5↗2003-04-26

▶