Vulnerabilities > CVE-2001-0002 - Unspecified vulnerability in Microsoft Internet Explorer and Windows Script Host
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.
Vulnerable Configurations
Oval
| accepted | 2014-02-24T04:03:28.132-05:00 | ||||||||
| class | vulnerability | ||||||||
| contributors |
| ||||||||
| description | Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. | ||||||||
| family | windows | ||||||||
| id | oval:org.mitre.oval:def:920 | ||||||||
| status | accepted | ||||||||
| submitted | 2004-04-29T12:00:00.000-04:00 | ||||||||
| title | IE Cached Content Command Execution Vulnerability | ||||||||
| version | 66 |
References
- http://www.guninski.com/chmtempmain.html
- http://www.guninski.com/chmtempmain.html
- http://www.osvdb.org/7823
- http://www.osvdb.org/7823
- http://www.securityfocus.com/bid/2456
- http://www.securityfocus.com/bid/2456
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5567
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5567
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920