VDB
CVE-2003-1048
CVE-2003-1048
PUBLISHED
CVSS 7.800000190734863 HIGH
Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
EPSS 33.17% · 97.0th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
33.17%
97.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_98 | |
| microsoft | windows_xp | |
| microsoft | windows_me | |
| n/a | n/a | * |
| microsoft | windows_server_2003 | |
| microsoft | outlook | 2000, 2000, 2000 |
| microsoft | windows_nt | 4.0, 4.0, 4.0 |
| microsoft | internet_explorer | 5.01, 5.01, 6.0 |
| microsoft | windows_98se |
Timeline
- Jul 21, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
- Feb 3, 2024 EPSS Score
References
- VU#685364 third-party-advisory
- ie-mshtml-gif-bo(16804) vdb
- 20040903 Re: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service? mailing-list
- oval:org.mitre.oval:def:509 vdb
- oval:org.mitre.oval:def:236 vdb
- 8530 vdb
- 20030902 New Microsoft Internet Explorer mshtml.dll Denial of Service? mailing-list
- oval:org.mitre.oval:def:1793 vdb
- oval:org.mitre.oval:def:206 vdb
- MS04-025 vendor-advisory
- 20040902 AW: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll mailing-list
- TA04-212A third-party-advisory
- oval:org.mitre.oval:def:517 vdb
- oval:org.mitre.oval:def:2100 vdb
- oval:org.mitre.oval:def:212 vdb
- O-191 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2003-1048 advisory