Arbitrary File Reading Vulnerability in Windows Scripting Host in Internet Explorer 5.5 and Earlier

Arbitrary File Reading Vulnerability in Windows Scripting Host in Internet Explorer 5.5 and Earlier

CVE-2001-0149 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.

Learn more about our Web Application Penetration Testing UK.