Vulnerability Description
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Ie | 6.0 |
| Microsoft | Internet Explorer | 5.0.1 |
References
- http://www.kb.cert.org/vuls/id/244729US Government Resource
- http://www.securityfocus.com/archive/1/301945
- http://www.securityfocus.com/bid/6306ExploitPatchVendor Advisory
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-01
- http://www.kb.cert.org/vuls/id/244729US Government Resource
- http://www.securityfocus.com/archive/1/301945
- http://www.securityfocus.com/bid/6306ExploitPatchVendor Advisory
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-01
FAQ
What is CVE-2003-0116?
CVE-2003-0116 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a...
How severe is CVE-2003-0116?
CVE-2003-0116 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0116?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Ie, Microsoft Internet Explorer.