CVE-2003-0113

Microsoft IE - Buffer Overflow

Title source: rule

Description

Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jouko Pynnonen · perlremotewindows

https://www.exploit-db.com/exploits/22530

View Code ZIP pw:eip

References (5)

[Mailing List] http://marc.info/?l=bugtraq&m=105718285107246&w=2

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A926

[Mailing List] http://marc.info/?l=bugtraq&m=105138417416900&w=2

[US Government Resource] http://www.kb.cert.org/vuls/id/169753

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-015

Scores

EPSS 0.4543

EPSS Percentile 97.6%

Details

Status published

Products (4)

microsoft/ie 6.0 sp1

microsoft/internet_explorer 5.0.1 (4 CPE variants)

microsoft/internet_explorer 5.5 (3 CPE variants)

microsoft/internet_explorer 6.0

Published May 12, 2003

Tracked Since Feb 18, 2026