The showHelp function in Internet Explorer 6 on Windows XP Pro allows remote attackers to execute arbitrary local .CHM files via a double backward slash () before the target CHM file, as demonstrated using an ms-its URL to ntshared.chm. NOTE: this bug may overlap CVE-2003-1041.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ie | Microsoft | 6.0-sp1 (including) | 6.0-sp1 (including) |