Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2003-0344 | First vendor Publication | 2003-06-16 |
Vendor | Cve | Last vendor Modification | 2021-07-23 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0344 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:922 | |||
Oval ID: | oval:org.mitre.oval:def:922 | ||
Title: | IE Slash Characters in Type Property Vulnerability | ||
Description: | Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0344 | Version: | 4 |
Platform(s): | Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 3 |
ExploitDB Exploits
id | Description |
---|---|
2010-08-25 | MS03-020 Internet Explorer Object Type |
OpenVAS Exploits
Date | Description |
---|---|
2005-11-03 | Name : IE 5.01 5.5 6.0 Cumulative patch (890923) File : nvt/smb_nt_ms02-005.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
2967 | Microsoft IE Object Type Property Overflow Microsoft Internet Explorer contains a flaw in the way it handles certain "Object" tags. The flaw is triggered due to a buffer overflow in the "Type" property of the "Object" tag. While there are some sanity checks for buffer input, these can be circumvented using special characters. This attack may be utilized wherever IE parses HTML, so this vulnerability, affects newsgroups, mailing lists, or websites. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Internet Explorer malformed object type overflow attempt RuleID : 3149-community - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer malformed object type overflow attempt RuleID : 3149 - Revision : 13 - Type : BROWSER-IE |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-07-27 00:24:37 |
|
2021-07-24 01:44:15 |
|
2021-07-24 01:01:32 |
|
2021-07-23 17:24:41 |
|
2021-05-04 12:02:03 |
|
2021-04-22 01:02:09 |
|
2020-05-23 13:16:44 |
|
2020-05-23 00:15:24 |
|
2018-10-13 00:22:26 |
|
2017-10-11 09:23:17 |
|
2016-10-18 12:01:10 |
|
2016-04-26 12:32:43 |
|
2014-01-19 21:21:56 |
|
2013-05-11 11:51:06 |
|