Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2001-0664 | First vendor Publication | 2001-10-30 |
Vendor | Cve | Last vendor Modification | 2021-07-23 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0664 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
1971 | Microsoft IE Dotless IP Zone Spoofing Microsoft Internet Explorer contains a flaw related to the way dotless IP addresses are classified with respect to their security zone. This flaw may allow an attacker to have Internet Explorer interpret a site of the Internet security zone as a site of the Intranet security zone and therefore execute in a context of lower security. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-07-27 00:24:38 |
|
2021-07-24 01:44:16 |
|
2021-07-24 01:01:11 |
|
2021-07-23 17:24:42 |
|
2021-05-04 12:01:25 |
|
2021-04-22 01:01:34 |
|
2020-05-23 00:14:40 |
|
2018-10-13 00:22:24 |
|
2017-10-10 09:23:21 |
|
2016-10-18 12:00:55 |
|
2016-06-28 14:56:26 |
|
2013-05-11 12:04:50 |
|