CVE-2003-1028

2004-01-20T05:00:00
ID CVE-2003-1028
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:29:00

Description

The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008.