Vulnerability Details CVE-2001-0643
Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.173
EPSS Ranking 94.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://vil.nai.com/vil/virusSummary.asp?virus_k=99048
- http://www.guninski.com/clsidext.html
- http://www.osvdb.org/7858
- http://www.sarc.com/avcenter/venc/data/vbs.postcard%40mm.html
- http://www.securityfocus.com/archive/1/176909
- http://www.securityfocus.com/bid/2612
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6426
- http://vil.nai.com/vil/virusSummary.asp?virus_k=99048
- http://www.guninski.com/clsidext.html
- http://www.osvdb.org/7858
- http://www.sarc.com/avcenter/venc/data/vbs.postcard%40mm.html
- http://www.securityfocus.com/archive/1/176909
- http://www.securityfocus.com/bid/2612
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6426
Products affected by CVE-2001-0643
-
cpe:2.3:a:microsoft:internet_explorer:5.5