CVE-2003-0532Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
27.1%
top 3.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedAug 27
Latest updateApr 29

Description

Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2
NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-v4mq-xcq7-hmfv: Internet Explorer 52022-04-29
CVEList
CVE-2003-0532: Internet Explorer 52003-08-22
CVE-2003-0532 — Microsoft vulnerability | cvebase