← CVECheck
HomeVulnerabilities

CVE-2003-1028 — MEDIUM severity vulnerability (The download function of Internet Explorer 6 SP1 allows remo)

The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008.

CVE IDCVE-2003-1028
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2004-01-20
Last modified2026-04-16
DescriptionThe download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →