CVE-2001-0727 — Microsoft Internet Explorer vulnerability

2 documents2 sources

Severity

7.5HIGHNVD

EPSS

44.1%

top 2.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedDec 14

Latest updateApr 30

Description

Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer5.5, 6.0+1

Patches

Patch: www.cert.org ↗Patch: www.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-93xq-2hp2-cg7q: Internet Explorer 6↗2022-04-30

▶