mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-07 12:21:57 +00:00
836 B
836 B
CVE-2003-1028
Description
The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008.
POC
Reference
- http://marc.info/?l=bugtraq&m=107038202225587&w=2
- http://www.safecenter.net/UMBRELLAWEBV4/threadid10008
Github
No PoCs found on GitHub currently.