CVE-2003-0447

Internet Explorer 5.01-6.0 - Remote Code Execution via Custom HTTP Errors

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0447. PoCs published by GreyMagic Software.

AI-analyzed exploit summary This exploit leverages a vulnerability in Microsoft Internet Explorer's handling of custom HTTP error messages to inject and execute arbitrary JavaScript code. The PoC demonstrates HTML injection via malformed URLs in 'res://' protocol handlers, potentially leading to cookie theft or other client-side attacks.

Description

The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated.

Exploits (1)

exploitdb WORKING POC VERIFIED

by GreyMagic Software · textremotewindows

https://www.exploit-db.com/exploits/22784

View Code ZIP pw:eip

This exploit leverages a vulnerability in Microsoft Internet Explorer's handling of custom HTTP error messages to inject and execute arbitrary JavaScript code. The PoC demonstrates HTML injection via malformed URLs in 'res://' protocol handlers, potentially leading to cookie theft or other client-side attacks.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Internet Explorer (versions affected by CVE-2003-0447)

No auth needed

Prerequisites: Victim must be using a vulnerable version of Internet Explorer · Victim must be tricked into clicking a malicious link or visiting a crafted page

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →