Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0722Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
6.4MEDIUMNVD
EPSS
52.8%
top 2.04%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedDec 6
Latest updateApr 30

Description

Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

1
GHSA
GHSA-mm32-hgw5-cw3m: Internet Explorer 52022-04-30

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5/6 - Cookie Disclosure/Modification2001-11-09
CVE-2001-0722 — Microsoft vulnerability | cvebase