CVE-2001-0658
First published: Thu Sep 20 2001(Updated: )
Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Internet Security and Acceleration Server | =2000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0658?
The severity of CVE-2001-0658 is classified as high due to the potential for remote attackers to execute malicious scripts.
How do I fix CVE-2001-0658?
To fix CVE-2001-0658, it is recommended to apply the latest security updates from Microsoft for ISA Server 2000.
What software versions are affected by CVE-2001-0658?
CVE-2001-0658 specifically affects Microsoft ISA Server 2000.
What type of vulnerability is CVE-2001-0658?
CVE-2001-0658 is a cross-site scripting (XSS) vulnerability.
Can CVE-2001-0658 lead to data theft?
Yes, CVE-2001-0658 can potentially allow attackers to read cookies, leading to data theft.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/microsoft internet security and acceleration server
- version/microsoft internet security and acceleration server/2000