Vulnerability Name:

CVE-2003-1048 (CCN-16804)

Assigned:2003-09-02
Published:2003-09-02
Updated:2021-07-23
Summary:Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Full-Disclosure Mailing List, Tue Sep 02 2003 - 02:12:10 CDT
New Microsoft Internet Explorer mshtml.dll Denial of Service?

Source: MITRE
Type: CNA
CVE-2003-1048

Source: FULLDISC
Type: UNKNOWN
20030902 New Microsoft Internet Explorer mshtml.dll Denial of Service?

Source: FULLDISC
Type: UNKNOWN
20040902 AW: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll

Source: FULLDISC
Type: UNKNOWN
20040903 Re: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service?

Source: CCN
Type: SECTRACK ID: 1010827
Microsoft Internet Explorer Error in `mshtml.dll` in Processing GIF Files Lets Remote Users Crash the Browser

Source: CCN
Type: SECTRACK ID: 1010828
(Vendor Issues Revised Fix) Microsoft Internet Explorer Error in mshtml.dll in Processing GIF Files Lets Remote Users Crash the Browser

Source: CCN
Type: CIAC Information Bulletin 0-191
Microsoft Cumulative Security Update for Internet Explorer (867801)

Source: CIAC
Type: UNKNOWN
O-191

Source: CCN
Type: US-CERT VU#685364
Microsoft Internet Explorer contains a double-free vulnerability in the processing of GIF files

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#685364

Source: CCN
Type: Microsoft Security Bulletin MS04-025
Cumulative Security Update for Internet Explorer (867801)

Source: CCN
Type: Microsoft Security Bulletin MS04-038
Cumulative Security Update for Internet Explorer (834707)

Source: CCN
Type: Microsoft Security Bulletin MS04-040
Cumulative Security Update for Internet Explorer (889293)

Source: CCN
Type: Microsoft Security Bulletin MS05-014
Cumulative Security Update for Internet Explorer (867282)

Source: CCN
Type: Microsoft Security Bulletin MS05-020
Cumulative Security Update for Internet Explorer (890923)

Source: CCN
Type: Microsoft Security Bulletin MS05-025
Cumulative Security Update for Internet Explorer (883939)

Source: CCN
Type: Microsoft Security Bulletin MS05-038
Cumulative Security Update for Internet Explorer (896727)

Source: CCN
Type: Microsoft Security Bulletin MS05-052
Cumulative Security Update for Internet Explorer (896688)

Source: CCN
Type: Microsoft Security Bulletin MS05-054
Cumulative Security Update for Internet Explorer (905915)

Source: CCN
Type: Microsoft Security Bulletin MS06-004
Cumulative Security Update for Internet Explorer (910620)

Source: CCN
Type: Microsoft Security Bulletin MS06-013
Cumulative Security Update for Internet Explorer (912812)

Source: CCN
Type: Microsoft Security Bulletin MS06-021
Cumulative Security Update for Internet Explorer (916281)

Source: CCN
Type: Microsoft Security Bulletin MS06-042
Cumulative Security Update for Internet Explorer (918899)

Source: CCN
Type: Microsoft Security Bulletin MS06-067
Cumulative Security Update for Internet Explorer (922760)

Source: CCN
Type: Microsoft Security Bulletin MS06-072
Cumulative Security Update for Internet Explorer (925454)

Source: CCN
Type: Microsoft Security Bulletin MS07-016
Cumulative Security Update for Internet Explorer (928090)

Source: CCN
Type: Microsoft Security Bulletin MS07-027
Cumulative Security Update for Internet Explorer (931768)

Source: CCN
Type: Microsoft Security Bulletin MS07-033
Cumulative Security Update for Internet Explorer (933566)

Source: CCN
Type: Microsoft Security Bulletin MS07-045
Cumulative Security Update for Internet Explorer (937143)

Source: CCN
Type: Microsoft Security Bulletin MS07-057
Cumulative Security Update for Internet Explorer (939653)

Source: CCN
Type: Microsoft Security Bulletin MS07-069
Cumulative Security Update for Internet Explorer (942615)

Source: CCN
Type: Microsoft Security Bulletin MS08-010
Cumulative Security Update for Internet Explorer (944533)

Source: CCN
Type: Microsoft Security Bulletin MS08-024
Cumulative Security Update for Internet Explorer (947864)

Source: CCN
Type: Microsoft Security Bulletin MS08-031
Cumulative Security Update for Internet Explorer (950759)

Source: CCN
Type: Microsoft Security Bulletin MS08-045
Cumulative Security Update for Internet Explorer (953838)

Source: CCN
Type: Microsoft Security Bulletin MS08-058
Cumulative Security Update for Internet Explorer (956390)

Source: CCN
Type: BID-12765
Microsoft Internet Explorer MSHTML.DLL CSS Handling Remote Buffer Overflow Vulnerability

Source: BID
Type: Vendor Advisory
8530

Source: CCN
Type: BID-8530
Microsoft Internet Explorer Malformed GIF Double Free Code Execution Vulnerability

Source: CERT
Type: US Government Resource
TA04-212A

Source: CCN
Type: Internet Security Systems Protection Alert July 30, 2004
Multiple Vulnerabilities in Microsoft Internet Explorer

Source: MS
Type: UNKNOWN
MS04-025

Source: XF
Type: UNKNOWN
ie-mshtml-gif-bo(16804)

Source: XF
Type: UNKNOWN
ie-mshtml-gif-bo(16804)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1793

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:206

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:2100

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:212

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:236

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:509

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:517

Vulnerable Configuration:Configuration 1:
  • cpe:/a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:outlook:2000:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:outlook:2000:sr1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:outlook:2002:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:outlook:2002:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:outlook:2002:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:outlook:2000:sp3:*:*:*:*:*:*
  • OR cpe:/a:microsoft:outlook:2000:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:x64:*
  • AND
  • cpe:/o:microsoft:windows_2000:-:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp6a:*:*:workstation:*:x86:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp6a:*:*:server:*:x86:*
  • OR cpe:/o:microsoft:windows:2003_server::x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_nt:4.0:sp6:*:*:terminal_server:*:x86:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:206
    V
    		IE v5.01,SP2 Malformed GIF Image Double-free Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:517
    V
    		IE v6.0,SP1 (Server 2003) Malformed GIF Image Double-free Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:212
    V
    		IE v5.01,SP3 Malformed GIF Image Double-free Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:1793
    V
    		IE v6.0 Malformed GIF Image Double-free Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:236
    V
    		IE v6.0,SP1 Malformed GIF Image Double-free Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:2100
    V
    		IE v5.5,SP2 Malformed GIF Image Double-free Vulnerability
    2014-02-24
    oval:org.mitre.oval:def:509
    V
    		IE v5.01,SP4 Malformed GIF Image Double-free Vulnerability
    2014-02-24
    BACK
    microsoft internet explorer 5.0.1 sp1
    microsoft ie 6.0 sp1
    microsoft outlook 2000
    microsoft internet explorer 5.5
    microsoft internet explorer 5.5 sp1
    microsoft outlook 2000 sr1
    microsoft outlook 2002
    microsoft internet explorer 5.5 sp2
    microsoft internet explorer 6.0
    microsoft outlook 2002 sp1
    microsoft outlook 2002 sp2
    microsoft outlook 2000 sp3
    microsoft outlook 2000 sp2
    microsoft internet explorer 5.0.1 sp2
    microsoft internet explorer 5.0.1 sp3
    microsoft ie 6.0
    microsoft ie 5.5 sp2
    microsoft ie 5.01 sp3
    microsoft ie 5.01 sp4
    microsoft ie 5.01 sp2
    microsoft windows xp - sp1
    microsoft windows 2000 - sp2
    microsoft windows 2000 - sp3
    microsoft windows 2000 - sp4
    microsoft windows nt 4.0 sp6a
    microsoft windows nt 4.0 sp6a
    microsoft windows 2003_server
    microsoft windows 2003 server *
    microsoft windows nt 4.0 sp6