MS.IE.FTP.Web.View.XSS
Description
Microsoft Internet Explorer has a Cross-site scripting (XSS) vulnerability. A remote attacker could execute an arbitrary web script or HTML via the hostname portion of an FTP URL, when Internet Explorer is running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected.
Affected Products
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.5 SP1
Microsoft Internet Explorer 5.5 SP2
Microsoft Internet Explorer 6.0
Impact
Gain Access.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
http://www.microsoft.com
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |