Executive Summary

Informations
NameCVE-2001-0003First vendor Publication2001-02-12
VendorCveLast vendor Modification2018-10-12

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0003

CWE : Common Weakness Enumeration

%idName

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Os1
Os1
Os1

Open Source Vulnerability Database (OSVDB)

idDescription
1724Microsoft Web Client Extender NTLM Credential Disclosure

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/2199
MS https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01...
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/5920

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2018-10-13 00:22:23
  • Multiple Updates
2018-08-14 12:01:31
  • Multiple Updates
2017-10-10 09:23:18
  • Multiple Updates
2013-05-11 12:02:36
  • Multiple Updates