Unrated severityNVD Advisory· Published Jul 24, 2003· Updated Jun 16, 2026
CVE-2003-0446
CVE-2003-0446
Description
Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- (no CPE)range: 5.5, 6.0
Patches
Vulnerability mechanics
References
10- security.greymagic.com/adv/gm013-ie/nvdExploitVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2003-06/0120.htmlnvd
- lists.grok.org.uk/pipermail/full-disclosure/2003-June/005762.htmlnvd
- marc.infonvd
- marc.infonvd
- marc.infonvd
- secunia.com/advisories/9055nvd
- www.osvdb.org/3065nvd
- www.securityfocus.com/bid/7938nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/12334nvd
News mentions
0No linked articles in our index yet.