Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0154

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0154
Last Modified 05 Sep 2008 04:23:24
Published 03 May 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0154

Summary

HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.

Vulnerable Systems

Application

  • Microsoft Ie 5.01

  • Microsoft Ie 5.5


References

CERT - CA-2001-06

MS - MS01-020

BUGTRAQ - 20010330 Incorrect MIME Header Can Cause IE to Execute E-mail Attachment

XF - ie-mime-execute-code(6306)

BID - 2524

OSVDB - 7806

CIAC - L-066

SECTRACK - 1001197


Last Updated: 27 May 2016 10:36:09