CVE-2003-0816

Internet Explorer 6 SP1 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2003-0816. PoCs published by Liu Die Yu & Jelmer, Liu Die Yu.

AI-analyzed exploit summary The provided entry is a placeholder for CVE-2003-0816, referencing multiple unspecified issues in Microsoft Internet Explorer. It lacks exploit code or technical details, instead pointing to a SecurityFocus BID and a GitLab link for additional information.

Description

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containing Javascript, as demonstrated using WsOpenFileJPU, (3) setting the href property in the base tag for the _search window, as demonstrated using WsBASEjpu, (4) loading the search window into an Iframe, as demonstrated using WsFakeSrc, (5) caching a javascript: URL in the browser history, then accessing that URL in the same frame as the target domain, as demonstrated using WsOpenJpuInHistory, NAFjpuInHistory, BackMyParent, BackMyParent2, and RefBack, aka the "Script URLs Cross Domain" vulnerability.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Liu Die Yu & Jelmer · textremotewindows
https://www.exploit-db.com/exploits/23131

The provided entry is a placeholder for CVE-2003-0816, referencing multiple unspecified issues in Microsoft Internet Explorer. It lacks exploit code or technical details, instead pointing to a SecurityFocus BID and a GitLab link for additional information.

Classification
Writeup 80%
Attack Type
Other
Complexity
N/a
Reliability
Theoretical
Target: Microsoft Internet Explorer (unspecified versions)
No auth needed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Liu Die Yu · htmlremotewindows
https://www.exploit-db.com/exploits/23790

This exploit leverages a cross-zone scripting vulnerability in Microsoft Internet Explorer by using the window.open method to inject malicious script code into the search pane, allowing access to document properties across different security zones and foreign domains.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Internet Explorer
No auth needed
Prerequisites: Victim must visit a malicious webpage · Internet Explorer must be used
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (30)

Core 30
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106321781819727&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106322063729496&w=2
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A362
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A361
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A416
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106321693517858&w=2
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/771604
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106322240132721&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1007687
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A409
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A479
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/337086
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A459
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/336937
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106321882821788&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106321638416884&w=2
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A363
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/10192
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/652452

Scores

EPSS 0.4837
EPSS Percentile 98.7%

Details

Status published
Products (4)
microsoft/ie 6.0 sp1
microsoft/internet_explorer 5.0.1 (4 CPE variants)
microsoft/internet_explorer 5.5 (3 CPE variants)
microsoft/internet_explorer 6.0
Published Feb 03, 2004
Tracked Since Feb 18, 2026