CVE-2004-0475

Name of the Vulnerable Software and Affected Versions Internet Explorer 6 version on Windows XP Pro

Description The issue allows remote attackers to execute arbitrary local .CHM files via a double backward slash before the target CHM file. This can be demonstrated using an "ms-its" URL to ntshared.chm.

Recommendations For Internet Explorer 6 on Windows XP Pro, consider disabling the showHelp function as a temporary workaround until a patch is available. Restrict access to local .CHM files to minimize the risk of exploitation. Avoid using the "ms-its" URL scheme in Internet Explorer until the issue is resolved.