Vulnerability Details CVE-2003-1326
Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.111
EPSS Ranking 93.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.ciac.org/ciac/bulletins/n-038.shtml
- http://www.iss.net/security_center/static/11258.php
- http://www.securityfocus.com/bid/6779
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-004
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A126
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A178
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A49
- http://www.ciac.org/ciac/bulletins/n-038.shtml
- http://www.iss.net/security_center/static/11258.php
- http://www.securityfocus.com/bid/6779
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-004
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A126
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A178
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A49
Products affected by CVE-2003-1326
-
cpe:2.3:a:microsoft:ie:6.0
-
cpe:2.3:a:microsoft:internet_explorer:5.0.1
-
cpe:2.3:a:microsoft:internet_explorer:5.5
-
cpe:2.3:a:microsoft:internet_explorer:6.0