Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0815

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0815
Last Modified 10 Sep 2008 03:20:33
Published 03 Feb 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0815

Summary

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, aka the "Function Pointer Override Cross Domain" vulnerability.

Vulnerable Systems

Application

  • Microsoft Ie 5.0.1

  • Microsoft Ie 5.5

  • Microsoft Ie 6.0


References

BID - 9014

MS - MS03-048

BUGTRAQ - 20030911 LiuDieYu's missing files are here.

MISC - http://www.safecenter.net/UMBRELLAWEBV4/LinkillerSaveRef/LinkillerSaveRef-Content.HTM

MISC - http://www.safecenter.net/UMBRELLAWEBV4/LinkillerJPU/LinkillerJPU-Content.HTM

MISC - http://www.safecenter.net/UMBRELLAWEBV4/Linkiller/Linkiller-Content.HTM

XF - ie-pointer-zone-bypass(13676)

OSVDB - 7889

OSVDB - 7888

BUGTRAQ - 20030910 MSIE->LinkillerSaveRef:another caller-based authorization

CIAC - O-021

SECTRACK - 1007687

SECUNIA - 10192

BUGTRAQ - 20030910 MSIE->Findeath: break caller-based authorization

BUGTRAQ - 20030910 MSIE->LinkillerJPU:another caller-based authorization(is broken).


Last Updated: 27 May 2016 10:38:04