Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0009

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2003-0009
Last Modified 05 Sep 2008 04:33:12
Published 07 Mar 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-0009

Summary

Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.

Vulnerable Systems

Operating System

  • Microsoft Windows Me

  • Microsoft Windows Xp


References

CERT-VN - VU#489721

BID - 6966

MS - MS03-006

BUGTRAQ - 20030227 MS-Windows ME IE/Outlook/HelpCenter critical vulnerability

XF - winme-hsc-hcp-bo(11425)

OSVDB - 6074

CIAC - N-047


Last Updated: 27 May 2016 10:37:45