Microsoft Internet Explorer 5.0.1 up to and including 6.0 allows remote malicious users to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 5.0.1 |
||
microsoft ie 6.0 |
||
microsoft internet explorer 5.5 |
||
microsoft internet explorer 6.0 |