← Back

CVE-2004-2090

nvd nist
Published: Feb 7, 2004Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.

Affected (10)

Microsoft
2 products
Ie
Internet Explorer
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Ie
Version 6.0 sp1
Microsoft
Internet Explorer
Version 5.0.1
Internet Explorer
Version 5.0.1 sp1
Internet Explorer
Version 5.0.1 sp2
Internet Explorer
Version 5.0.1 sp3
Internet Explorer
Version 5.0.1 sp4
Internet Explorer
Version 5.5
Internet Explorer
Version 5.5 sp1
Internet Explorer
Version 5.5 sp2
Internet Explorer
Version 6.0

References (8)

Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
ExploitVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.