Описание
Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.1:*:linux:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.1:*:win32:*:*:*:*:*
EPSS
Процентиль: 96%
0.23509
Средний
6.4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue.
EPSS
Процентиль: 96%
0.23509
Средний
6.4 Medium
CVSS2
Дефекты
CWE-264