CVE-2003-1028

2004-01-20T00:00:00
ID CVE-2003-1028
Type cve
Reporter NVD
Modified 2017-07-10T21:29:40

Description

The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008.