The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote malicious users to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.01 |
||
microsoft internet explorer 5.5 |
||
microsoft internet explorer 6.0 |