CVE-2001-0665
First published: Tue Oct 30 2001(Updated: )
Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Internet Explorer | <=6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0665?
CVE-2001-0665 is considered a critical vulnerability due to its potential to grant attackers remote execution capabilities.
How do I fix CVE-2001-0665?
To mitigate CVE-2001-0665, users should upgrade to the latest version of Internet Explorer or apply any patches provided by Microsoft.
What versions of Internet Explorer are affected by CVE-2001-0665?
CVE-2001-0665 affects Internet Explorer 6 and earlier versions on Windows Server 2003 SP1 and other platforms.
Can CVE-2001-0665 lead to privilege escalation?
Yes, CVE-2001-0665 can enable attackers to execute operations with the privileges of the affected user.
How can attackers exploit CVE-2001-0665?
Attackers can exploit CVE-2001-0665 by crafting HTTP requests that are automatically executed by the browser, appearing to originate from the user.
- agent/references
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft internet explorer
- version/microsoft internet explorer/6