Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0002

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0002
Last Modified 31 Aug 2013 12:11:38
Published 21 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0002

Summary

Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.

Vulnerable Systems

Application

  • Microsoft Ie 5.01

  • Microsoft Ie 5.5

  • Microsoft Windows Script Host 5.1

  • Microsoft Windows Script Host 5.5


References

XF - ie-chm-execute-files(5567)

BID - 2456

OSVDB - 7823

MS - MS01-015

MISC - http://www.guninski.com/chmtempmain.html


Last Updated: 27 May 2016 10:36:05