ID CVE-2003-0838
Summary Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as HTML or Javascript, but later executes as an HTA application, a different vulnerability than CVE-2003-0532, and as exploited using the QHosts Trojan horse (aka Trojan.Qhosts, QHosts-1, VBS.QHOSTS, or aolfix.exe).
References
Vulnerable Configurations
  • Microsoft Internet Explorer 5.0.1
    cpe:2.3:a:microsoft:ie:5.0.1
  • Microsoft Internet Explorer 5.0.1 SP1
    cpe:2.3:a:microsoft:ie:5.0.1:sp1
  • Microsoft Internet Explorer 5.0.1 SP2
    cpe:2.3:a:microsoft:ie:5.0.1:sp2
  • Microsoft Internet Explorer 5.0.1 SP3
    cpe:2.3:a:microsoft:ie:5.0.1:sp3
  • Microsoft ie 5.5
    cpe:2.3:a:microsoft:ie:5.5
  • Microsoft Internet Explorer 5.5 SP1
    cpe:2.3:a:microsoft:ie:5.5:sp1
  • Microsoft Internet Explorer 5.5 SP2
    cpe:2.3:a:microsoft:ie:5.5:sp2
  • Microsoft Internet Explorer 6.0
    cpe:2.3:a:microsoft:ie:6.0
  • cpe:2.3:a:microsoft:ie:6.0:sp1
    cpe:2.3:a:microsoft:ie:6.0:sp1
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description Microsoft Internet Explorer 5/6 Browser Popup Window Object Type Validation Vulnerability. CVE-2003-0838. Remote exploit for windows platform
id EDB-ID:23114
last seen 2016-02-02
modified 2003-09-07
published 2003-09-07
reporter http-equiv
source https://www.exploit-db.com/download/23114/
title Microsoft Internet Explorer 5/6 Browser Popup Window Object Type Validation Vulnerability
oval via4
accepted 2014-02-24T04:00:27.219-05:00
class vulnerability
contributors
  • name Tiffany Bergeron
    organization The MITRE Corporation
  • name Andrew Buttner
    organization The MITRE Corporation
  • name Christine Walzer
    organization The MITRE Corporation
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Maria Mikhno
    organization ALTX-SOFT
description Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as HTML or Javascript, but later executes as an HTA application, a different vulnerability than CVE-2003-0532, and as exploited using the QHosts Trojan horse (aka Trojan.Qhosts, QHosts-1, VBS.QHOSTS, or aolfix.exe).
family windows
id oval:org.mitre.oval:def:204
status accepted
submitted 2003-11-12T05:00:00.000-04:00
title IE ActiveX Popup Zone Restriction Bypass
version 67
refmap via4
bid 8556
bugtraq
  • 20030907 BAD NEWS: Microsoft Security Bulletin MS03-032
  • 20030908 Temporary Fix for IE Zero Day Malware RE: BAD NEWS: Microsoft Security Bulletin MS03-032
fulldisc 20030907 BAD NEWS: Microsoft Security Bulletin MS03-032
misc http://securityresponse.symantec.com/avcenter/venc/data/trojan.qhosts.html
ms MS03-040
ntbugtraq
  • 20030907 BAD NEWS: Microsoft Security Bulletin MS03-032
  • 20031001 DNS/Hosts file issues
osvdb 7872
xf ie-popup-code-execution(13314)
Last major update 17-10-2016 - 22:37
Published 17-11-2003 - 00:00
Last modified 12-10-2018 - 17:33
Back to Top