Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0664Microsoft Internet Explorer vulnerability

5 documents3 sources
Severity
7.5HIGHNVD
EPSS
27.3%
top 3.58%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedOct 30
Latest updateApr 30

Description

Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-35hr-3jc6-7qrp: Internet Explorer 52022-04-30
GHSA
GHSA-3vhr-9x24-76hj: Internet Explorer 52022-04-30

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055)2001-10-10
CVE-2001-0664 — Microsoft vulnerability | cvebase