CVE-2004-2090

2005-05-1904:00:00

mitre

www.cve.org

6.9 Medium

AI Score

Confidence

High

0.046 Low

EPSS

Percentile

92.6%

JSON

Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.

References

lists.grok.org.uk/pipermail/full-disclosure/2004-February/016881.html

secunia.com/advisories/10820

www.securityfocus.com/bid/9611

exchange.xforce.ibmcloud.com/vulnerabilities/15078