Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2090

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2090
Last Modified 05 Sep 2008 04:43:10
Published 07 Feb 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2090

Summary

Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.

Vulnerable Systems

Application

  • Microsoft Ie 5.0.1

  • Microsoft Ie 5.5

  • Microsoft Ie 6.0


References

XF - ie-error-obtain-information(15078)

BID - 9611

SECUNIA - 10820

FULLDISC - 20040207 (no subject)


Last Updated: 27 May 2016 10:39:20