CVE-2004-1376Path Traversal in Microsoft Internet Explorer

2 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
11.2%
top 6.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedDec 30
Latest updateApr 29

Description

Directory traversal vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote malicious FTP servers to overwrite arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.01, 5.5, 6.0+2

Patches

Patch: secunia.comPatch: secunia.com

🔴Vulnerability Details

1
GHSA
GHSA-5q37-r2pc-3hm5: Directory traversal vulnerability in Microsoft Internet Explorer 52022-04-29
CVE-2004-1376 — Path Traversal in Microsoft | cvebase