CVE-2003-0816
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containing Javascript, as demonstrated using WsOpenFileJPU, (3) setting the href property in the base tag for the _search window, as demonstrated using WsBASEjpu, (4) loading the search window into an Iframe, as demonstrated using WsFakeSrc, (5) caching a javascript: URL in the browser history, then accessing that URL in the same frame as the target domain, as demonstrated using WsOpenJpuInHistory, NAFjpuInHistory, BackMyParent, BackMyParent2, and RefBack, aka the "Script URLs Cross Domain" vulnerability.
EPSS 67.22% · 98.6th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | internet_explorer | 5.0.1, 6.0, 5.0.1 |
| n/a | n/a | * |
| microsoft | ie | 6.0 |
Timeline
- Jan 14, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 20030910 MSIE->WsFakeSrc mailing-list
- 20030910 MSIE->WsOpenJpuInHistory mailing-list
- oval:org.mitre.oval:def:362 vdb
- oval:org.mitre.oval:def:361 vdb
- oval:org.mitre.oval:def:416 vdb
- 20030910 MSIE->WsBASEjpu mailing-list
- http://www.safecenter.net/liudieyu/WsFakeSrc/WsFakeSrc-Content.HTM url
- 20030910 MSIE->NAFjpuInHistory mailing-list
- VU#771604 third-party-advisory
- 20030910 MSIE->BackMyParent2:Multi-Thread version mailing-list
- MS03-048 vendor-advisory
- 1007687 vdb
- http://www.safecenter.net/UMBRELLAWEBV4/WsOpenFileJPU/WsOpenFileJPU-Content.HTM url
- http://www.safecenter.net/UMBRELLAWEBV4/NAFfileJPU/NAFfileJPU-Content.htm url
- oval:org.mitre.oval:def:409 vdb
- oval:org.mitre.oval:def:479 vdb
- 20030911 LiuDieYu's missing files are here. mailing-list
- http://www.safecenter.net/liudieyu/BackMyParent/BackMyParent-content.htm url
- oval:org.mitre.oval:def:459 vdb
- 20030910 MSIE->NAFfileJPU mailing-list
…and 11 more