CVE-2001-0665Microsoft IE vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
10.9%
top 6.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft IE
Timeline
PublishedOct 30
Latest updateApr 30

Description

Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-72jx-7mwq-4jpr: Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user,2022-04-30
CVEList
CVE-2001-0665: Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user,2002-03-09
CVE-2001-0665 — Microsoft IE vulnerability | cvebase