[email protected]CVE-2001-0727

HistoryDec 14, 2001 - 5:00 a.m.

CVE-2001-0727

2001-12-1405:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0727

internet explorer 6.0

remote code execution

content-type header

file execution vulnerability.

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.963 High

EPSS

Percentile

99.5%

JSON

Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the “File Execution Vulnerability.”

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5.5
microsoft:internet_explorermicrosoft internet explorereq6.0

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5.5
microsoft:internet_explorer	microsoft internet explorer	eq	6.0

References

marc.info/?l=bugtraq&m=100835204509262&w=2

marc.info/?l=bugtraq&m=100861273114437&w=2

www.cert.org/advisories/CA-2001-36.html

www.ciac.org/ciac/bulletins/m-027.shtml

www.kb.cert.org/vuls/id/443699

www.osvdb.org/3033

www.securityfocus.com/bid/3578

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058

exchange.xforce.ibmcloud.com/vulnerabilities/7703

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A921

Social References

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.963 High

EPSS

Percentile

99.5%

JSON

Related for CVE-2001-0727

cvelist1 securityvulns1 cert1 saint4 openvas2