Vulnerability in N/a
CVE-2003-0816
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to l…
EPSS: 0.672 (98.6th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 20030910 MSIE->WsFakeSrc (mailing-list, x_refsource_BUGTRAQ)
- 20030910 MSIE->WsOpenJpuInHistory (mailing-list, x_refsource_BUGTRAQ)
- oval:org.mitre.oval:def:362 (signature, x_refsource_OVAL, vdb-entry)
- oval:org.mitre.oval:def:361 (signature, x_refsource_OVAL, vdb-entry)
- oval:org.mitre.oval:def:416 (signature, x_refsource_OVAL, vdb-entry)
- 20030910 MSIE->WsBASEjpu (mailing-list, x_refsource_BUGTRAQ)
- www.safecenter.net/liudieyu/WsFakeSrc/WsFakeSrc-Content.HTM (x_refsource_MISC)
- 20030910 MSIE->NAFjpuInHistory (mailing-list, x_refsource_BUGTRAQ)
- VU#771604 (x_refsource_CERT-VN, third-party-advisory)
- 20030910 MSIE->BackMyParent2:Multi-Thread version (mailing-list, x_refsource_BUGTRAQ)