← CVECheck
HomeVulnerabilities

CVE-2004-2090 — MEDIUM severity vulnerability (Microsoft Internet Explorer 5.0.1 through 6.0 allows remote)

Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.

CVE IDCVE-2004-2090
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2004-02-07
Last modified2026-04-16
DescriptionMicrosoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →