admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2003/CVE-2003-10xx/CVE-2003-1026.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

184 lines
6.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2003-1026",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-01-20T05:00:00.000",
"lastModified": "2021-07-23T12:55:03.667",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstrated by BackToFramedJpu, aka the \"Travel Log Cross Domain Vulnerability.\""
},
{
"lang": "es",
"value": "Internet Explorer SP1 permite a atacantes remotos evitar restricciones de zonas mediante una URL de protocolo JavaScript en un sub-marco, que es a\u00f1adido al historial de p\u00e1ginas visitadas y es ejecutado en la zona de seguridad de la ventana principal cuando se usa el m\u00e9todo JavaScritp \"history.back\" (mostrar p\u00e1gina anterior), como se demostr\u00f3 por BackToFramedJpu."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": true,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B8985B-B927-4928-B1DB-18E29F796992"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A04FEA6-37B0-44B0-844F-55652ABA1F85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4D56FB8E-2553-47C1-82A2-9E59023780CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "8541EEED-94F4-42F8-9719-57F3EC85D52B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "40372520-08CF-4F64-A7AC-7E0AE0964138"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40F8042F-C621-45AE-9F8C-70469579643A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D05ED9D0-CF78-4FAD-9371-6FB3D5825148"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783"
}
]
}
]
}
],
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=106979349517578&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=107038202225587&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://www.kb.cert.org/vuls/id/784102",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.safecenter.net/UMBRELLAWEBV4/BackToFramedJpu",
"source": "cve@mitre.org"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA04-033A.html",
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-004",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13846",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A630",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A643",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A687",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A689",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A745",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A774",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A805",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink