Lucene search

[email protected]CVE-2001-0664

HistoryOct 30, 2001 - 5:00 a.m.

CVE-2001-0664

2001-10-3005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0664

internet explorer 5.5

internet explorer 5.01

zone spoofing vulnerability

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.3%

JSON

Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the “Zone Spoofing vulnerability.”

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5.01
microsoft:internet_explorermicrosoft internet explorereq5.5

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5.01
microsoft:internet_explorer	microsoft internet explorer	eq	5.5

References

marc.info/?l=bugtraq&m=100281551611595&w=2

morph3us.org/blog/?p=31

www.osvdb.org/1971

www.securityfocus.com/bid/3420

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051

exchange.xforce.ibmcloud.com/vulnerabilities/7258

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.3%

JSON

Related for CVE-2001-0664

seebug1 cve1