CVE-2002-1288 Information

Description

The Microsoft Java implementation as used in Internet Explorer allows remote attackers to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call.

Reference

http://marc.info/?l=bugtraq&m=103682630823080&w=2 http://marc.info/?l=ntbugtraq&m=103684360031565&w=2 http://www.securityfocus.com/bid/6139