Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded CRLF (%0D%0A) before the FTP command, which causes the commands to be inserted into an authenticated FTP connection established earlier in the same browser session, as demonstrated using a DELE command, a variant or possibly a regression of CVE-2004-1166. NOTE: a trailing "//" can force Internet Explorer to try to reuse an existing authenticated connection.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Internet Explorer 代码注入漏洞
Vulnerability Description
Microsoft Internet Explorer(IE)是美国微软(Microsoft)公司的一款Windows操作系统附带的Web浏览器。 Microsoft Internet Explorer存在代码注入漏洞。Microsoft Internet Explorer 5 和 6中的CRLF注入漏洞会允许远程攻击者通过一个包含FTP 命令以前的URL-encoded CRLF (%0D%0A) 的ftp:// URL,以执行任意FTP命令。
CVSS Information
N/A
Vulnerability Type
N/A