9.3
CVE-2003-1026
- EPSS 39.21%
- Veröffentlicht 20.01.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:23
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstrated by BackToFramedJpu, aka the "Travel Log Cross Domain Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Explorer Version5.0
Microsoft ≫ Internet Explorer Version5.0.1
Microsoft ≫ Internet Explorer Version5.0.1 Updatesp1
Microsoft ≫ Internet Explorer Version5.0.1 Updatesp2
Microsoft ≫ Internet Explorer Version5.0.1 Updatesp3
Microsoft ≫ Internet Explorer Version5.5
Microsoft ≫ Internet Explorer Version5.5 Updatesp1
Microsoft ≫ Internet Explorer Version5.5 Updatesp2
Microsoft ≫ Internet Explorer Version6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 39.21% | 0.984 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.us-cert.gov/cas/techalerts/TA04-033A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-004
http://marc.info/?l=bugtraq&m=106979349517578&w=2
http://marc.info/?l=bugtraq&m=107038202225587&w=2
http://www.kb.cert.org/vuls/id/784102
http://www.safecenter.net/UMBRELLAWEBV4/BackToFramedJpu
https://exchange.xforce.ibmcloud.com/vulnerabilities/13846
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A630
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A687
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A689
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A745
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A774
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A805