CVE Vulnerabilities

CVE-2003-0532

Published: Aug 27, 2003 | Modified: Jul 23, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the Object Type vulnerability.

Affected Software

Name Vendor Start Version End Version
Ie Microsoft 6.0-sp1 (including) 6.0-sp1 (including)
Internet_explorer Microsoft 5.0.1 (including) 5.0.1 (including)
Internet_explorer Microsoft 5.0.1-sp1 (including) 5.0.1-sp1 (including)
Internet_explorer Microsoft 5.0.1-sp2 (including) 5.0.1-sp2 (including)
Internet_explorer Microsoft 5.0.1-sp3 (including) 5.0.1-sp3 (including)
Internet_explorer Microsoft 5.5 (including) 5.5 (including)
Internet_explorer Microsoft 5.5-sp1 (including) 5.5-sp1 (including)
Internet_explorer Microsoft 5.5-sp2 (including) 5.5-sp2 (including)
Internet_explorer Microsoft 6.0 (including) 6.0 (including)

References