漏洞信息详情
Microsoft Internet Explorer 安全漏洞
- CNNVD编号:CNNVD-200308-151
- 危害等级: 高危
- CVE编号: CVE-2003-0532
- 漏洞类型: 其他
- 发布时间: 2003-08-27
- 威胁类型: 远程
- 更新时间: 2021-07-26
- 厂 商: microsoft
- 漏洞来源: Discovery is credi...
漏洞简介
Microsoft Internet Explorer(IE)是美国微软(Microsoft)公司的一款Windows操作系统附带的Web浏览器。
Microsoft Internet Explorer存在安全漏洞。Internet Explorer 5.01 SP3至6.0 SP1版本不能正确判断web服务器返回的对象类型。远程攻击者可以借助服务器主机上的带有data参数的恶意文件的对象标签执行任意代码,该恶意文件返回不安全Content-Type,也称为 \"Object Type\"漏洞。
漏洞公告
Microsoft has released fixes. It should be noted that some reports indicate that the supplied fix for Internet Explorer 5.01 does not correctly address this issue. This information has not been confirmed by Symantec.
Fixes:
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Cumulative Patch for Internet Explorer (822925)For all versions of Internet Explorer except Internet Explorer for Windows 2003.
http://www.microsoft.com/windows/ie/downloads/critical/822925/default.asp">
http://www.microsoft.com/windows/ie/downloads/critical/822925/default.
asp
Microsoft Internet Explorer 5.5 SP2
Microsoft Cumulative Patch for Internet Explorer (822925)For all versions of Internet Explorer except Internet Explorer for Windows 2003.
http://www.microsoft.com/windows/ie/downloads/critical/822925/default.asp">
http://www.microsoft.com/windows/ie/downloads/critical/822925/default.
asp
Microsoft Internet Explorer 6.0 SP1
Microsoft Cumulative Patch for Internet Explorer (822925)For all versions of Internet Explorer except Internet Explorer for Windows 2003.
http://www.microsoft.com/windows/ie/downloads/critical/822925/default.asp">
http://www.microsoft.com/windows/ie/downloads/critical/822925/default.
asp
Microsoft Cumulative Patch for Internet Explorer (822925)For Internet Explorer 6.0 for Windows Server 2003.
http://www.microsoft.com/windows/ie/downloads/critical/822925s/default.asp">
http://www.microsoft.com/windows/ie/downloads/critical/822925s/default
.asp
Microsoft Internet Explorer 6.0
Microsoft Cumulative Patch for Internet Explorer (822925)For all versions of Internet Explorer except Internet Explorer for Windows 2003.
http://www.microsoft.com/windows/ie/downloads/critical/822925/default.asp">
http://www.microsoft.com/windows/ie/downloads/critical/822925/default.
asp
参考网址
来源:VULNWATCH
链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0084.HTML
来源:BUGTRAQ
链接:http://marc.info/?l=bugtraq&m=106149026621753&w=2
来源:CERT-VN
链接:http://www.kb.cert.org/vuls/id/865940
来源:MS
链接:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-032
来源:MISC
链接:http://www.eeye.com/HTML/Research/Advisories/AD20030820.HTML
受影响实体
- Microsoft Ie:6.0
- Microsoft Ie:6.0:Sp1
- Microsoft Ie:5.5:Sp2
- Microsoft Ie:5.5:Sp1
- Microsoft Ie:5.5
补丁
- Microsoft Internet Explorer 安全漏洞的修复措施
评论