Lucene search
HistoryJan 19, 2005 - 5:00 a.m.
CVE-2004-1376
cve
2004
1376
microsoft
internet explorer
ftp
vulnerability
remote
overwrite
arbitrary files
list command
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.4 Medium
AI Score
Confidence
Low
0.956 High
EPSS
Percentile
99.4%
Directory traversal vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote malicious FTP servers to overwrite arbitrary files via … (dot dot) sequences in filenames returned from a LIST command.
Affected configurations
Node
microsoftinternet_explorerMatch5.01
ORmicrosoftinternet_explorerMatch5.5
ORmicrosoftinternet_explorerMatch6.0
Related
checkpoint_advisories
checkpoint_advisories
Internet Explorer FTP Client Directory Traversal (CVE-2004-1376)
2009-10-28 00:00:00
nvd
nvd
CVE-2004-1376
2004-12-30 05:00:00
cvelist
cvelist
CVE-2004-1376
2005-01-19 05:00:00
openvas
openvas
Debian: Security Advisory (DSA-686-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 686-1 (gftp)
2008-01-17 00:00:00
freebsd
freebsd
gftp -- directory traversal vulnerability
2005-02-04 00:00:00
nessus
nessus
FreeBSD : gftp -- directory traversal vulnerability (2d8cf857-81ea-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
Debian DSA-686-1 : gftp - missing input sanitising
2005-02-18 00:00:00
osv
osv
gftp - missing input sanitising
2005-02-17 00:00:00
debian
debian
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.4 Medium
AI Score
Confidence
Low
0.956 High
EPSS
Percentile
99.4%
Related for CVE-2004-1376