- Description
- Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7BDFCFCB-6E90-4F29-9852-A3099DF05843",
"versionEndIncluding": "5.5"
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6219D36E-9E2C-4DC7-8FD5-FAD144A333F6"
},
{
"criteria": "cpe:2.3:a:microsoft:windows_script_host:5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D774C5CD-AD4A-42F9-B624-968A0C1DDE2E"
},
{
"criteria": "cpe:2.3:a:microsoft:windows_script_host:5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF47D9C0-6521-427A-A1EB-3BFA2BD37733"
}
],
"operator": "OR"
}
]
}
]