CVE-2003-0113

Microsoft IE - Buffer Overflow

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0113. PoCs published by Jouko Pynnonen.

AI-analyzed exploit summary This Perl script exploits a buffer overflow in Microsoft Internet Explorer's URLMON.DLL by sending an overly long HTTP header. The vulnerability allows arbitrary code execution in the context of the client user.

Description

Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jouko Pynnonen · perlremotewindows

https://www.exploit-db.com/exploits/22530

View Code ZIP pw:eip

This Perl script exploits a buffer overflow in Microsoft Internet Explorer's URLMON.DLL by sending an overly long HTTP header. The vulnerability allows arbitrary code execution in the context of the client user.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Internet Explorer (versions affected by CVE-2003-0113)

No auth needed

Prerequisites: A vulnerable version of Microsoft Internet Explorer · A web server to host the malicious script

MITRE ATT&CK