Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0809Microsoft Internet Explorer vulnerability

4 documents4 sources
Severity
7.5HIGHNVD
EPSS
45.5%
top 2.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedNov 17
Latest updateApr 29

Description

Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/internet_explorer5.0.1, 5.5, 6.0+2
NVDmicrosoft/ie6.0

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-7f7c-5m52-265g: Internet Explorer 52022-04-29
CVEList
CVE-2003-0809: Internet Explorer 52003-10-08

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5 - XML Page Object Type Validation (MS03-040)2003-09-08
CVE-2003-0809 — Microsoft vulnerability | cvebase