CVE-2001-0150
First published: Mon May 07 2001(Updated: )
Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which creates session transcripts.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Internet Explorer | <=5.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0150?
CVE-2001-0150 is a critical vulnerability that allows remote attackers to execute arbitrary commands via a vulnerable Telnet session.
How do I fix CVE-2001-0150?
To mitigate CVE-2001-0150, users should upgrade to a later version of Internet Explorer or disable any Telnet client depending on the affected version.
Who is affected by CVE-2001-0150?
CVE-2001-0150 affects users of Internet Explorer 5.5 and earlier who have the Telnet client from Services for Unix 2.0.
What type of attack is associated with CVE-2001-0150?
CVE-2001-0150 is associated with command injection attacks that can lead to arbitrary code execution.
Can CVE-2001-0150 be exploited remotely?
Yes, CVE-2001-0150 can be exploited remotely by attackers leveraging crafted web pages.
- agent/references
- agent/type
- agent/softwarecombine
- agent/author
- agent/remedy
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-historical
- vendor/microsoft
- canonical/internet explorer
- version/internet explorer/5.5