CVE-2001-0002
First published: Mon May 07 2001(Updated: )
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Script Host | =5.1 | |
| Microsoft Internet Explorer | =5.01 | |
| Microsoft Windows Script Host | =5.5 | |
| Microsoft Internet Explorer | <=5.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.guninski.com/chmtempmain.html
- http://www.securityfocus.com/bid/2456
- http://www.osvdb.org/7823
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5567
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/event
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft windows script host
- version/microsoft windows script host/5.1
- canonical/microsoft internet explorer
- version/microsoft internet explorer/5.01
- version/microsoft windows script host/5.5
- version/microsoft internet explorer/5.5