Arbitrary Local File Execution Vulnerability in Internet Explorer 6 on Windows XP Pro
CVE-2004-0475 · MEDIUM Severity
AV:N/AC:H/AU:N/C:P/I:P/A:P
The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041.
Learn more about our Web Application Penetration Testing UK.