CVE-2003-1275
published 2003-12-31CVE-2003-1275: Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML…
PriorityP417medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
16.70%
96.6th percentile
Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | pocket_ie | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Denial of Service
exploitdb·2008-03-11
CVE-2008-1275 MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Denial of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Denial of Service
---
#!/usr/bin/python
##########################################################################
#
# MailEnable SMTP Service VRFY/EXPN Command Buffer Overflow ( DoS )
# Bug discovered by Matteo Memelli aka ryujin
# http://www.gray-world.net http://www.be4mind.com
#
# Affected Versions : Standard Edition all versions
# Professional Edition all versions
# Enterprise Edition all versions
# Tested on OS : Windows 2000 SP4 English
# Windows 2003 Standard Edition Italian
# Windows XP SP2 English
# Discovery Date : 02/24/2008
# Initial vendor notification : 03/06/2008
# Coordinated public disclosure: 03/11/2008
#
# CONGRATS TO THE MAILENABLE TEAM: VERY FAST IN PATCHING AND ANSWERING!!
#
#-----------------------------------------------
Exploit-DB
Microsoft Pocket Internet Explorer 3.0 - Denial of Service
exploitdb·2003-01-03
CVE-2003-1275 Microsoft Pocket Internet Explorer 3.0 - Denial of Service
Microsoft Pocket Internet Explorer 3.0 - Denial of Service
---
source: https://www.securityfocus.com/bid/6507/info
A denial of service vulnerability has been reported for Pocket Internet Explorer (PIE). The vulnerability is due to the way some JavaScript code is interpreted by PIE.
By enticing a victim user to browse a maliciously crafted web page an attacker can cause PIE to crash.
function displayPage(page){
if(page=="onload"){
main.innerHTML="Crash
me";}
if(page=="crash"){
main.innerHTML="crash!";}
}
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2003-01/0013.htmlhttp://www.iss.net/security_center/static/11004.phphttp://www.securityfocus.com/bid/6507http://archives.neohapsis.com/archives/bugtraq/2003-01/0013.htmlhttp://www.iss.net/security_center/static/11004.phphttp://www.securityfocus.com/bid/6507
2003-12-31
Published