Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1048

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-1048
Last Modified 10 Sep 2008 03:21:37
Published 27 Jul 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1048

Summary

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

Vulnerable Systems

Application

  • Microsoft Ie 5.0.1

  • Microsoft Ie 5.5

  • Microsoft Ie 6.0

  • Microsoft Outlook 2000

  • Microsoft Outlook 2002


References

CERT - TA04-212A

CERT-VN - VU#685364

XF - ie-mshtml-gif-bo(16804)

BID - 8530

MS - MS04-025

CIAC - O-191

FULLDISC - 20040903 Re: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service?

FULLDISC - 20040902 AW: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll

FULLDISC - 20030902 New Microsoft Internet Explorer mshtml.dll Denial of Service?


Last Updated: 27 May 2016 10:38:09