CVE-2003-0447

Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 5.01 through 6.0

Description: The issue allows remote attackers to execute script in the Local Zone. This is achieved by providing a specific argument to shdocvw.dll, which results in the generation of a "javascript:" link.

Recommendations: For Internet Explorer versions 5.01 through 6.0, consider disabling the Custom HTTP Errors capability as a temporary workaround until a patch is available. Restrict access to the shdocvw.dll module to minimize the risk of exploitation. Avoid using arguments that could cause a "javascript:" link to be generated in the affected versions.