First published: Thu May 20 2004(Updated: )
Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Internet Explorer | =5 | |
Microsoft Ie | =6.0-sp1 | |
Microsoft Ie | =6-windows_server_2003_sp1 | |
Microsoft Internet Explorer | =5.5-sp2 | |
Microsoft Internet Explorer | =5.5 | |
Microsoft Internet Explorer | =5.5-sp1 | |
Microsoft Internet Explorer | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.