Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0338


Vulnerability Score 5.1 5.1
CVE Id CVE-2001-0338
Last Modified 05 Sep 2008 04:23:52
Published 27 Jun 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."

Vulnerable Systems


  • Microsoft Ie 5.01

  • Microsoft Ie 5.5


MS - MS01-027

XF - ie-crl-certificate-spoofing(6555)

BID - 2735

CIAC - L-087

Last Updated: 27 May 2016 10:36:13