← CVECheck
HomeVulnerabilities

CVE-2003-0532 — HIGH severity vulnerability (Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly)

Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vul

CVE IDCVE-2003-0532
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2003-08-27
Last modified2026-04-16
DescriptionInternet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →