Lucene search

[email protected]CVE-2001-0149

HistoryJun 02, 2001 - 4:00 a.m.

CVE-2001-0149

2001-06-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0149

windows scripting host

internet explorer

remote attack

file access

getobject

activex object.

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.4 High

AI Score

Confidence

High

0.091 Low

EPSS

Percentile

94.7%

JSON

Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.

Affected configurations

NVD

Node

microsoftinternet_explorerRange≤5.5

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorerle5.5

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	le	5.5

References

archives.neohapsis.com/archives/bugtraq/2000-09/0305.html

marc.info/?l=ntbugtraq&m=96999020527583&w=2

www.securityfocus.com/bid/1718

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015

exchange.xforce.ibmcloud.com/vulnerabilities/5293

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.4 High

AI Score

Confidence

High

0.091 Low

EPSS

Percentile

94.7%

JSON

Related for CVE-2001-0149

cvelist1 nvd1 openvas2