Lucene search

[email protected]CVE-2001-0724

HistoryNov 14, 2001 - 5:00 a.m.

CVE-2001-0724

2001-11-1405:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

internet explorer 5.5

remote attack

bypass security

malformed urls

nvd

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.1%

JSON

Internet Explorer 5.5 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the “Zone Spoofing Vulnerability variant” of CVE-2001-0664.

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5.5

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5.5

References

www.osvdb.org/5556

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-055

exchange.xforce.ibmcloud.com/vulnerabilities/8471

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.1%

JSON

Related for CVE-2001-0724

seebug1 cve1