CVE-2001-0338
First published: Wed Jun 27 2001(Updated: )
Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Internet Explorer | <=5.5 | |
| Internet Explorer | =5.01 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0338?
CVE-2001-0338 is considered a critical vulnerability due to its potential to allow remote attackers to spoof trusted websites.
How do I fix CVE-2001-0338?
To mitigate CVE-2001-0338, users should upgrade to a later version of Internet Explorer that addresses this certificate validation issue.
What versions of Internet Explorer are affected by CVE-2001-0338?
CVE-2001-0338 impacts Internet Explorer 5.5 and earlier versions, including 5.01.
What are the risks associated with CVE-2001-0338?
The primary risk of CVE-2001-0338 is that attackers can impersonate trusted websites, potentially leading to data theft or phishing attacks.
Does CVE-2001-0338 affect other operating systems?
CVE-2001-0338 specifically pertains to Internet Explorer and is not directly related to other operating systems.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/internet explorer
- version/internet explorer/5.5
- version/internet explorer/5.01