Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0727

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0727
Last Modified 05 Sep 2008 04:24:47
Published 14 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0727

Summary

Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability."

Vulnerable Systems

Application

  • Microsoft Ie 5.5

  • Microsoft Ie 6.0


References

CERT - CA-2001-36

CERT-VN - VU#443699

MS - MS01-058

BUGTRAQ - 20011214 MSIE may download and run progams automatically

BUGTRAQ - 20011216 Re: MSIE may download and run progams automatically - NOT SO FAST

XF - ie-file-download-execution(7703)

BID - 3578

OSVDB - 3033

CIAC - M-027


Last Updated: 27 May 2016 10:36:22