Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Explorer 权限许可和访问控制问题漏洞
Vulnerability Description
Microsoft Internet Explorer(IE)是美国微软(Microsoft)公司的一款Windows操作系统附带的Web浏览器。 Microsoft Internet Explorer存在权限许可和访问控制问题漏洞。远程攻击者可以利用这个漏洞获得目标用户任何本地文件。通过Javascript,可以定义'onkeydown'事件的事件句柄,此事件当用户末端按某一键的时候被触发,而使用恶意代码可以转换这个事件为任意Ctrl-key按键操作的组合,包括事件转换为粘贴操作,如粘贴任意内容到文件上
CVSS Information
N/A
Vulnerability Type
N/A