Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0003


Vulnerability Score 5.0 5.0
CVE Id CVE-2001-0003
Last Modified 05 Sep 2008 04:23:01
Published 12 Feb 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows Me

  • Microsoft Windows Nt


  • Microsoft Office 2000


BID - 2199

MS - MS01-001

XF - wec-ntlm-authentication

Last Updated: 27 May 2016 10:36:05