CVE Vulnerabilities

CVE-2002-0024

Published: Mar 08, 2002 | Modified: Jul 23, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download.

Affected Software

Name Vendor Start Version End Version
Internet_explorer Microsoft 5.01 5.01
Internet_explorer Microsoft 5.5 5.5
Internet_explorer Microsoft 6.0 6.0

References