Arbitrary Code Execution via Web Folder Component in Internet Explorer 5.5 and 6.0
CVE-2002-0980 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it into the error message, then referring to the error message file via a mhtml: URL.
Learn more about our Web App Pen Testing.