VDB

GCVE-110-CERTCC-2003-652452

GCVE-110-CERTCC-2003-652452
Advisory Published
Vulnetix · Advisory published September 10, 2003
Microsoft Internet Explorer (IE) does not adequately validate javascript: protocol URLs. An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone, the attacker could execute arbitrary code with the privileges of the user running IE.

Risk Scores

certcc-cam
certcc-cam
impact15population18exploitation13widely_known18score_current56.041875ease_of_exploitation15

References

Browse GCVE Records

72,921 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›