CVE-2001-1497Microsoft IE vulnerability

3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.6%
top 31.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedDec 31
Latest updateApr 30

Description

Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDmicrosoft/internet_explorer4 versions+3
NVDmicrosoft/ie4.0, 4.0.1, 4.1+2

🔴Vulnerability Details

2
GHSA
GHSA-vq53-fvjx-3c2c: Microsoft Internet Explorer 42022-04-30
CVEList
CVE-2001-1497: Microsoft Internet Explorer 42005-06-21
CVE-2001-1497 — Microsoft IE vulnerability | cvebase