CVE-2004-1331

The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download – Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command.

Date published : 2005-01-06

http://www.securityfocus.com/bid/11686

http://archives.neohapsis.com/archives/bugtraq/2004-11/0260.html