CVE-2002-1291 Information

Description

The Microsoft Java implementation as used in Internet Explorer allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a \file://00\ (null character) URL.

Reference

http://marc.info/?l=bugtraq&m=103682630823080&w=2 http://marc.info/?l=ntbugtraq&m=103684360031565&w=2 http://www.iss.net/security_center/static/10584.php http://www.securityfocus.com/bid/6138