ID CVE-2001-0338
Summary Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.01:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.01:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.01:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.01:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.40.308:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.40.308:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.40.520:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.40.520:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.70.1155:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.70.1155:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.70.1158:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.70.1158:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.70.1215:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.70.1215:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.70.1300:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.70.1300:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.71.544:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.71.544:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.71.1008.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.71.1008.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.71.1712.6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.71.1712.6:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.72.2106.8:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.72.2106.8:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.72.3110.8:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.72.3110.8:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.72.3612.1713:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:4.72.3612.1713:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.0.1:-:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.0.1:-:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.0518.10:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.0518.10:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.0910.1309:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.0910.1309:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.2014.0216:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.2014.0216:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.2314.1003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.2314.1003:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.2516.1900:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.2516.1900:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.5:-:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.5:-:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
CVSS
Base: 5.1 (as of 23-07-2021 - 12:18)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:P/A:P
refmap via4
bid 2735
ciac L-087
xf ie-crl-certificate-spoofing(6555)
Last major update 23-07-2021 - 12:18
Published 27-06-2001 - 04:00
Last modified 23-07-2021 - 12:18
Back to Top