CVE-2003-0815

high

Description

Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, aka the "Function Pointer Override Cross Domain" vulnerability.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A472

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A359

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A357

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A356

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A353

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A352

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A351

https://exchange.xforce.ibmcloud.com/vulnerabilities/13676

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-048

http://www.securityfocus.com/bid/9014

http://www.securityfocus.com/archive/1/337086

http://www.safecenter.net/UMBRELLAWEBV4/LinkillerSaveRef/LinkillerSaveRef-Content.HTM

http://www.safecenter.net/UMBRELLAWEBV4/LinkillerJPU/LinkillerJPU-Content.HTM

http://www.safecenter.net/UMBRELLAWEBV4/Linkiller/Linkiller-Content.HTM

http://www.osvdb.org/7889

http://www.osvdb.org/7888

http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2003-09/0150.html

http://www.ciac.org/ciac/bulletins/o-021.shtml

http://securitytracker.com/id?1007687

http://secunia.com/advisories/10192

http://marc.info/?l=bugtraq&m=106322542104656&w=2

http://marc.info/?l=bugtraq&m=106321757619047&w=2

Details

Source: Mitre, NVD

Published: 2004-02-03

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.17013