Arbitrary Local File Execution Vulnerability in Internet Explorer 6 on Windows XP Pro

Arbitrary Local File Execution Vulnerability in Internet Explorer 6 on Windows XP Pro

CVE-2004-0475 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041.

Learn more about our Web Application Penetration Testing UK.