← CVECheck
HomeVulnerabilities

CVE-2002-0024 — HIGH severity vulnerability (File Download box in Internet Explorer 5.01, 5.5 and 6.0 all)

File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download.

CVE IDCVE-2002-0024
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2002-03-08
Last modified2026-04-16
DescriptionFile Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →