File Upload Vulnerability in Internet Explorer 6 by Microsoft
CVE-2006-2900

Currently unrated

Key Information:

Vendor
Microsoft
Status
Ie
Network Camera Server Vb101
Vendor
CVE Published:
7 June 2006

Summary

A flaw in Internet Explorer 6 enables remote attackers to exploit a file upload mechanism. By manipulating JavaScript events such as OnKeyDown, OnKeyPress, and OnKeyUp, an attacker could persuade a user to inadvertently input the filename of a targeted file into a form. When the form is submitted, the unintended file could be uploaded to the server, potentially exposing sensitive data. This vulnerability poses a significant risk when users are tricked into executing specific keystrokes without their awareness.

References

http://www.vupen.com/english/advisories/2006/2161
vdb-entryx_refsource_VUPEN
http://securityreason.com/securityalert/1059
third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/18308
vdb-entryx_refsource_BID

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2006-2900 : File Upload Vulnerability in Internet Explorer 6 by Microsoft | SecurityVulnerability.io