ID |
CVE-2001-0643
|
Summary |
Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 5.0 (as of 23-07-2021 - 12:18) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
refmap
via4
|
bid | 2612 | bugtraq | 20010416 Double clicking on innocent looking files may be dangerous | misc | | osvdb | 7858 | xf | ie-clsid-execute-files(6426) |
|
Last major update |
23-07-2021 - 12:18 |
Published |
20-09-2001 - 04:00 |
Last modified |
23-07-2021 - 12:18 |