CVE-2001-0149 Information

Description

Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-09/0305.html http://marc.info/?l=ntbugtraq&m=96999020527583&w=2 http://www.securityfocus.com/bid/1718 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015 https://exchange.xforce.ibmcloud.com/vulnerabilities/5293