CVE-2004-2090 Information

Description

Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method which returns an error code if the file does not exist.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/016881.html http://secunia.com/advisories/10820 http://www.securityfocus.com/bid/9611 https://exchange.xforce.ibmcloud.com/vulnerabilities/15078