CVE-2003-1048

CVE Database · CVE-2003-1048

CVE-2003-1048

· HIGHModified

CVSS v3.1

7.8

EPSS

26.63%

Published

Jul 27, 2004

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-415

Affected Products (18)

microsoft · internet_explorervulnerable

microsoft · outlookvulnerable

microsoft · windows_98vulnerable

References (20)

http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009445.html

Broken Link

http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009473.html

Broken Link

http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/009506.html

Broken Link

http://www.ciac.org/ciac/bulletins/o-191.shtml

Broken Link

http://www.kb.cert.org/vuls/id/685364

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/8530

Broken LinkThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs