File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an malicious user to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.01 |
||
microsoft internet explorer 5.5 |
||
microsoft internet explorer 6.0 |