PT-2004-2293 · Microsoft · Internet Explorer
Albert Puigsech Galicia
·
Published
2004-12-30
·
Updated
2021-07-23
·
CVE-2004-1376
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
Microsoft Internet Explorer versions 5.01 through 6.0
Description:
A directory traversal issue allows remote malicious FTP servers to overwrite arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.
Recommendations:
For Microsoft Internet Explorer versions 5.01 through 6.0, consider disabling access to malicious FTP servers as a temporary workaround until a patch is available. Restrict the use of FTP functionality in these versions to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Internet Explorer