Vulnerabilities > CVE-2001-1497 - Unspecified vulnerability in Microsoft IE and Internet Explorer

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

NVD

Published: 2001-12-31

Updated: 2024-11-20

Summary

Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft IE 4.0.1 Microsoft IE 4.0 Microsoft IE 4.1 Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 4.0.1 Microsoft Internet Explorer 4.0 Microsoft Internet Explorer 6.0	13

References

http://www.iss.net/security_center/static/7592.php
http://www.iss.net/security_center/static/7592.php
http://www.securityfocus.com/archive/1/241323
http://www.securityfocus.com/archive/1/241323
http://www.securityfocus.com/archive/1/241400
http://www.securityfocus.com/archive/1/241400
http://www.securityfocus.com/bid/3563
http://www.securityfocus.com/bid/3563