The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote malicious users to execute arbitrary local .CHM files via a double backward slash ("\\") before the target CHM file, as demonstrated using an "ms-its" URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft ie 6.0 |