CVE-2001-0664
First published: Tue Oct 30 2001(Updated: )
Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing vulnerability."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Internet Explorer | =5.01 | |
| Internet Explorer | =5.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0664?
CVE-2001-0664 has a medium severity rating due to its potential to allow security restriction bypass.
How does CVE-2001-0664 exploit the system?
CVE-2001-0664 exploits malformed URLs with dotless IP addresses to trick Internet Explorer into treating the content as part of the Intranet Zone.
What versions of Internet Explorer are affected by CVE-2001-0664?
CVE-2001-0664 affects Internet Explorer versions 5.0, 5.01, and 5.5.
How can I protect my system from CVE-2001-0664?
To protect against CVE-2001-0664, users should upgrade to a secure version of Internet Explorer or apply relevant security patches.
Is CVE-2001-0664 a known vulnerability?
Yes, CVE-2001-0664 is a known vulnerability that has been documented within cybersecurity resources.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/internet explorer
- version/internet explorer/5.01
- version/internet explorer/5.5