| Definition Id: oval:org.mitre.oval:def:3514 |
Version: 2
Last Modified: 2007-02-12
|
| Title: |
IE .chm Directory Traversal Windows Server 2003 Vulnerability |
| Description: |
Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475. |
| Family: |
windows |
Class: |
vulnerability |
| Status: |
ACCEPTED |
Reference(s): |
CVE-2003-1041
|
| Platform(s): |
Microsoft Windows Server 2003 |
Product(s): |
HTML Help Facility |
| Definition Synopsis: |
- Software section
- AND Configuration section
|
