CVE-2003-0233Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer

4 documents4 sources
Severity
7.5HIGHNVD
EPSS
13.3%
top 5.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedMay 12
Latest updateApr 29

Description

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2
NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-2w86-q89h-9668: Heap-based buffer overflow in plugin2022-04-29
CVEList
CVE-2003-0233: Heap-based buffer overflow in plugin2003-05-02

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows XP/Vista/2000/2003 - Double-Free Memory Corruption Privilege Escalation2010-02-09
CVE-2003-0233 — Microsoft vulnerability | cvebase