CVE-2004-1331

N/A Unknown

Published: November 16, 2004 Modified: April 16, 2026

Description

The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/bugtraq/2004-11/0260.html

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/13203/

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/3220

Source: cve@mitre.org

http://www.frsirt.com/exploits/20041119.IESP2Unpatched.php

Source: cve@mitre.org

Vendor Advisory

http://www.kb.cert.org/vuls/id/743974

Source: cve@mitre.org

Third Party Advisory US Government Resource

http://www.securityfocus.com/bid/11686

Source: cve@mitre.org

Exploit Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/18181

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2004-11/0260.html