CVE-2003-0309
Description
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*
- (no CPE)range: 5.01, 5.5, 6.0
Patches
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
9- www.kb.cert.org/vuls/id/251788nvdUS Government Resource
- marc.infonvd
- marc.infonvd
- marc.infonvd
- secunia.com/advisories/8807nvd
- www.securityfocus.com/bid/7539nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-020nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/12019nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A948nvd
News mentions
0No linked articles in our index yet.