CVE-2005-0918

2005-05-0504:00:00

mitre

www.cve.org

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

74.6%

JSON

The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, when running on Internet Explorer, allows remote attackers to determine the existence of arbitrary files by setting the src property to the target filename and using Javascript to determine if the web page immediately stops loading, which indicates whether the file exists or not.

References

secunia.com/advisories/15255

securitytracker.com/id?1013890

www.adobe.com/support/techdocs/323585.html

www.hyperdose.com/advisories/H2005-07.txt