CVE-2003-0309
CVE-2003-0309
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability."
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/22575unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://marc.info/?l=bugtraq&m=105249399103214&w=2http://marc.info/?l=bugtraq&m=105294081325040&w=2http://marc.info/?l=ntbugtraq&m=105294162726096&w=2https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-020http://secunia.com/advisories/8807https://exchange.xforce.ibmcloud.com/vulnerabilities/12019https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A948http://www.kb.cert.org/vuls/id/251788http://www.securityfocus.com/bid/7539