Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0338

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2001-0338
Last Modified 05 Sep 2008 04:23:52
Published 27 Jun 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2001-0338

Summary

Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."

Vulnerable Systems

Application

  • Microsoft Ie 5.01

  • Microsoft Ie 5.5


References

MS - MS01-027

XF - ie-crl-certificate-spoofing(6555)

BID - 2735

CIAC - L-087


Last Updated: 27 May 2016 10:36:13