Unrated severityNVD Advisory· Published Jan 20, 2004· Updated Jun 16, 2026

CVE-2003-1028

Description

The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Microsoft/Ie
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
Microsoft/Internet Explorer10 versions
cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- (no CPE)range: 6 SP1

cvss	0.000
epss	0.015
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000

CVE-2003-1028

Description

AI Insight

Affected products

Patches

Vulnerability mechanics

References

News mentions