Vulnerability Details CVE-2001-0727
Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.507
EPSS Ranking 97.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=100835204509262&w=2
- http://marc.info/?l=bugtraq&m=100861273114437&w=2
- http://www.cert.org/advisories/CA-2001-36.html
- http://www.ciac.org/ciac/bulletins/m-027.shtml
- http://www.kb.cert.org/vuls/id/443699
- http://www.osvdb.org/3033
- http://www.securityfocus.com/bid/3578
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7703
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A921
- http://marc.info/?l=bugtraq&m=100835204509262&w=2
- http://marc.info/?l=bugtraq&m=100861273114437&w=2
- http://www.cert.org/advisories/CA-2001-36.html
- http://www.ciac.org/ciac/bulletins/m-027.shtml
- http://www.kb.cert.org/vuls/id/443699
- http://www.osvdb.org/3033
- http://www.securityfocus.com/bid/3578
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7703
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A921
Products affected by CVE-2001-0727
-
cpe:2.3:a:microsoft:internet_explorer:5.5
-
cpe:2.3:a:microsoft:internet_explorer:6.0