Vulnerabilities > CVE-2004-2090 - Unspecified vulnerability in Microsoft IE and Internet Explorer

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
microsoft
exploit available
NVD
Published: 2004-02-07
Updated: 2021-07-23

Summary

Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.

Vulnerable Configurations

Part Description Count
Application
Microsoft
10

Exploit-Db

descriptionMicrosoft Internet Explorer 5.0.1 LoadPicture File Enumeration Weakness. CVE-2004-2090. Remote exploit for windows platform
idEDB-ID:23668
last seen2016-02-02
modified2004-02-07
published2004-02-07
reporterJelmer
sourcehttps://www.exploit-db.com/download/23668/
titleMicrosoft Internet Explorer 5.0.1 LoadPicture File Enumeration Weakness

References