CVE-2003-0815 in Internet Explorerinfo

Summary

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, aka the "Function Pointer Override Cross Domain" vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

09/18/2003

Disclosure

02/03/2004

Moderation

VulDB entry created

Entries

VDB-21526 (1)

CPE

ready

CWE

CWE-269 (Confirmed)

CVSS

7.3

EPSS

0.13269

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-0815
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0815
CVE Details	https://www.cvedetails.com/cve/CVE-2003-0815/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!