CVE-2001-0149

Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.

Date published : 2001-05-07

http://www.securityfocus.com/bid/1718

http://archives.neohapsis.com/archives/bugtraq/2000-09/0305.html