Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0643

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-0643
Last Modified 05 Sep 2008 04:24:36
Published 20 Sep 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0643

Summary

Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type.

Vulnerable Systems

Application

  • Microsoft Ie 5.5


References

XF - ie-clsid-execute-files(6426)

BUGTRAQ - 20010416 Double clicking on innocent looking files may be dangerous

MISC - http://www.sarc.com/avcenter/venc/data/vbs.postcard@mm.html

MISC - http://vil.nai.com/vil/virusSummary.asp?virus_k=99048

BID - 2612

OSVDB - 7858

MISC - http://www.guninski.com/clsidext.html


Last Updated: 27 May 2016 10:36:20