← Back

CVE-2003-0532

nvd nist
Published: Aug 27, 2003Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability.

Affected (9)

Microsoft
2 products
Ie
Internet Explorer
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Ie
Version 6.0 sp1
Microsoft
Internet Explorer
Version 5.0.1
Internet Explorer
Version 5.0.1 sp1
Internet Explorer
Version 5.0.1 sp2
Internet Explorer
Version 5.0.1 sp3
Internet Explorer
Version 5.5
Internet Explorer
Version 5.5 sp1
Internet Explorer
Version 5.5 sp2
Internet Explorer
Version 6.0

References (10)

Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.