CVE-2003-0116
Last modified
CVE-2003-0116 is a vulnerability of currently unknown severity. Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution.". EPSS estimates a 25.25% chance of exploitation in the next 30 days.
Description
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution."
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Ie | 6.0 | Sp1 |
| Microsoft | Internet Explorer | 5.0.1 | — |
| Microsoft | Internet Explorer | 5.5 | — |
| Microsoft | Internet Explorer | 6.0 | — |
References
- http://www.kb.cert.org/vuls/id/244729US Government Resource
- http://www.securityfocus.com/bid/6306Exploit, Patch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/244729US Government Resource
- http://www.securityfocus.com/bid/6306Exploit, Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2003-0116?
How severe is CVE-2003-0116?
How do I fix CVE-2003-0116?
Are you affected by CVE-2003-0116?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST