Vulnerability Details CVE-2001-0091
The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.135
EPSS Ranking 93.8%
CVSS Severity
CVSS v2 Score 2.6
References
- http://www.osvdb.org/7820
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6085
- http://www.osvdb.org/7820
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6085
Products affected by CVE-2001-0091
-
cpe:2.3:a:microsoft:internet_explorer:4.0
-
cpe:2.3:a:microsoft:internet_explorer:5.0
-
cpe:2.3:a:microsoft:internet_explorer:5.01
-
cpe:2.3:a:microsoft:internet_explorer:5.5