Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as /.#./.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Internet_explorer | Microsoft | 5.0 (including) | 5.0 (including) |
| Internet_explorer | Microsoft | 5.0.1 (including) | 5.0.1 (including) |
| Internet_explorer | Microsoft | 5.0.1-sp1 (including) | 5.0.1-sp1 (including) |
| Internet_explorer | Microsoft | 5.0.1-sp2 (including) | 5.0.1-sp2 (including) |
| Internet_explorer | Microsoft | 5.5 (including) | 5.5 (including) |
| Internet_explorer | Microsoft | 5.5-sp1 (including) | 5.5-sp1 (including) |
| Internet_explorer | Microsoft | 5.5-sp2 (including) | 5.5-sp2 (including) |
| Internet_explorer | Microsoft | 6.0 (including) | 6.0 (including) |
References
- http://cert.uni-stuttgart.de/archive/vuln-dev/2001/05/msg00029.html
- http://www.kb.cert.org/vuls/id/199408
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10117
- http://cert.uni-stuttgart.de/archive/vuln-dev/2001/05/msg00029.html
- http://www.kb.cert.org/vuls/id/199408
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10117