IE .chm Directory Traversal Windows 2000 VulnerabilityID: oval:org.mitre.oval:def:1943 | Date: (C)2004-07-14 (M)2021-07-27 |
Class: VULNERABILITY | Family: windows |
Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475.
Platform: |
Microsoft Windows 2000 |
Product: |
HTML Help Facility |