Vulnerabilities > CVE-2004-0475 - Unspecified vulnerability in Microsoft IE 6.0

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

microsoft

NVD

Published: 2004-07-07

Updated: 2017-07-11

Summary

The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft IE 6.0	1

References

http://www.securityfocus.com/archive/1/363202
http://www.securityfocus.com/bid/10348
https://exchange.xforce.ibmcloud.com/vulnerabilities/16147