VDB

CVE-2003-0532

CVE-2003-0532 PUBLISHED CVSS 7.5 HIGH

Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability.

EPSS 27.12% · 96.5th percentile

Risk Scores

CVSS 2.0
7.5
EPSS Score
27.12%
96.5th percentile

Affected Products

VendorProductVersions
microsoftie6.0
n/an/a*
microsoftinternet_explorer5.0.1, 5.0.1, 5.5

Timeline

  • Aug 22, 2003 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Oct 30, 2023 EPSS Score
  • Dec 22, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›