Input validation

2010-01-2222:00:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

0.955 High

EPSS

Percentile

99.4%

JSON

The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a crafted URL, aka “URL Validation Vulnerability.”

CPENameOperatorVersion
internet_explorereq8
internet_explorereq8.0.6001
internet_explorereq7
internet_explorereq7.0
internet_explorereq7.0.5730 unknown-gold
internet_explorereq7.0.5730.11
internet_explorereq7.00.5730.1100
internet_explorereq7.00.6000.16386
internet_explorereq7.00.6000.16441
internet_explorereq6 sp1

Name	Operator	Version
internet_explorer	eq	8
internet_explorer	eq	8.0.6001
internet_explorer	eq	7
internet_explorer	eq	7.0
internet_explorer	eq	7.0.5730 unknown-gold
internet_explorer	eq	7.0.5730.11
internet_explorer	eq	7.00.5730.1100
internet_explorer	eq	7.00.6000.16386
internet_explorer	eq	7.00.6000.16441
internet_explorer	eq	6 sp1