CVE-2001-0149

Опубликовано: 02 июн. 2001

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2000-09/0305.html
Exploit
Patch
Vendor Advisory
http://marc.info/?l=ntbugtraq&m=96999020527583&w=2
http://www.securityfocus.com/bid/1718
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015
https://exchange.xforce.ibmcloud.com/vulnerabilities/5293
http://archives.neohapsis.com/archives/bugtraq/2000-09/0305.html
Exploit
Patch
Vendor Advisory
http://marc.info/?l=ntbugtraq&m=96999020527583&w=2
http://www.securityfocus.com/bid/1718
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015
https://exchange.xforce.ibmcloud.com/vulnerabilities/5293

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*

Версия до 5.5 (включая)

EPSS

Процентиль: 97%

0.43558

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-p9ph-4v96-x6rg

github

больше 3 лет назад