CVE-2001-0091Microsoft Internet Explorer vulnerability

2 documents2 sources
Severity
2.6LOWNVD
EPSS
13.5%
top 5.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedFeb 16
Latest updateApr 30

Description

The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

NVDmicrosoft/internet_explorer4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-rm82-qwv7-jmg6: The ActiveX control for invoking a scriptlet in Internet Explorer 52022-04-30
CVE-2001-0091 — Microsoft vulnerability | cvebase