CVE-2001-0712Microsoft Internet Explorer vulnerability

2 documents2 sources
Severity
7.5HIGHNVD
EPSS
9.8%
top 7.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedOct 30
Latest updateApr 30

Description

The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote servers to automatically execute script which is placed in a file whose MIME type does not normally support scripting, such as text (.txt), JPEG (.jpg), etc.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.0, 5.0.1, 5.5+2

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

1
GHSA
GHSA-h36f-47pj-244w: The rendering engine in Internet Explorer determines the MIME type independently of the type that is specified by the server, which allows remote serv2022-04-30
CVE-2001-0712 — Microsoft vulnerability | cvebase