Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0003

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-0003
Last Modified 05 Sep 2008 04:23:01
Published 12 Feb 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0003

Summary

Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows Me

  • Microsoft Windows Nt

Application

  • Microsoft Office 2000


References

BID - 2199

MS - MS01-001

XF - wec-ntlm-authentication


Last Updated: 27 May 2016 10:36:05