Vulnerability Details CVE-2001-1325
Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.138
EPSS Ranking 93.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/archive/1/3AE02004.57FDF958%40guninski.com
- http://www.securityfocus.com/bid/2633
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6448
- http://www.securityfocus.com/archive/1/3AE02004.57FDF958%40guninski.com
- http://www.securityfocus.com/bid/2633
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6448
Products affected by CVE-2001-1325
-
cpe:2.3:a:microsoft:internet_explorer:5.0
-
cpe:2.3:a:microsoft:internet_explorer:5.5
-
cpe:2.3:a:microsoft:outlook_express:5.0
-
cpe:2.3:a:microsoft:outlook_express:5.5