Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0332


Vulnerability Score 5.0 5.0
CVE Id CVE-2001-0332
Last Modified 05 Sep 2008 04:23:51
Published 27 Jun 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability.

Vulnerable Systems


  • Microsoft Ie 5.01

  • Microsoft Ie 5.5


MS - MS01-027

BUGTRAQ - 20010330 Security bug in Internet Explorer - MSScriptControl.ScriptControl

Last Updated: 27 May 2016 10:36:13