Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the second variant of the "Content Disposition" vulnerability.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2004-09-01T04:00:00
Updated: 2003-03-20T00:00:00
Reserved: 2002-04-20T00:00:00
Link: CVE-2002-0188
JSON object: View
NVD Information
Status : Modified
Published: 2002-05-29T04:00:00.000
Modified: 2021-07-23T12:55:03.667
Link: CVE-2002-0188
JSON object: View
Redhat Information
No data.
CWE