| Patch Name : |
IE6.0sp1-KB905495-Windows2000-x86-ENU.exe |
| Patch Description : |
Security Update for Internet Explorer 6 Service Pack 1 for Windows 2000 Service Pack 4 (KB905495) |
| Bulletin Id : |
MS05-044 |
| Bulletin Title : |
Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495) |
| KnowledgeBase : | 905495 |
| Severity : |
Moderate |
| Location Path : | IE6.0sp1-KB905495-Windows2000-x86-ENU.exe |
| Bulletin Summary: |
This update resolves a newly-discovered, public vulnerability. A vulnerability exists in the Windows FTP client because of the way it validates file names. This vulnerability could allow an attacker to tamper with the file transfer location on the client during an FTP file transfer session.
The vulnerability is documented in the "Vulnerability Details" section of this bulletin.
We recommend that customers consider applying the security update. |
| Superceding Bulletin Id : |
None |
| Patch Release Date : |
Oct 11, 2005 |
| CVE Id : | CAN-2005-2126 |
| Affected Product Information |
|
| Product Name |
Service Pack Name |
| Internet Explorer 6 | Internet Explorer 6 SP1 |
|
| File changes |
|
| File Path |
Version |
| %windir%\system32\Msieftp.dll | 5.50.4956.500 |
|
| Registry changes |
|
| Registry Path |
Key Name |
Key Value |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Internet Explorer 6\SP1\KB905495-IE6SP1-20050805.184113 | | -2 |
|
