CVE-2001-0904 — Microsoft Internet Explorer vulnerability

2 documents2 sources

Severity

5.0MEDIUMNVD

EPSS

17.9%

top 4.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedNov 20

Latest updateApr 30

Description

Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer5.5, 6.0+1

🔴Vulnerability Details

GHSA

GHSA-4hhp-j8xj-7qx2: Internet Explorer 5↗2022-04-30

▶