CVE-2003-0447

Published: Jul 24, 2003Modified: Apr 16, 2026

5.1

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability: 4.9 / Impact: 6.4

Source: NVD

Description

The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated.

Affected (3)

Products: Microsoft: Internet Explorer

Microsoft

1 product

Internet Explorer

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 5.01
Microsoft Internet Explorer	Version 5.5
Microsoft Internet Explorer	Version 6.0

References (8)

http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005763.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=105585933614773&w=2

Source: cve@mitre.org

http://marc.info/?l=ntbugtraq&m=105585142406147&w=2

Source: cve@mitre.org

http://security.greymagic.com/adv/gm014-ie/

Source: cve@mitre.org

ExploitVendor Advisory

http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005763.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=105585933614773&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=ntbugtraq&m=105585142406147&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.greymagic.com/adv/gm014-ie/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

Timeline

No history available yet.