2 matches found
CVE-2001-0038
Offline Explorer 1.4 before Service Release 2 allows remote attackers to read arbitrary files by specifying the drive letter e.g. C: in the requested URL...
CVE-2001-0038
Offline Explorer 1.4 is affected by a local file read vulnerability present before Service Release 2. An attacker could specify a drive letter (for example C:) in the requested URL to read arbitrary files on the system. Root cause: inadequate validation of the URL drive letter in requests. Impact...