VDB

GCVE-110-CERTCC-2003-784102

GCVE-110-CERTCC-2003-784102
Advisory Published
Vulnetix · Advisory published November 25, 2003
Microsoft Internet Explorer (IE) does not properly determine the source of script used in URLs stored in the "Travel Log." An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone, the attacker could execute arbitrary code with the privileges of the user running IE.

Risk Scores

certcc-cam
certcc-cam
impact15population18exploitation0widely_known20score_current41.00625ease_of_exploitation15

References

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›