CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 3CVE-2001-0875 – Microsoft Internet Explorer 5.5/6.0 - Spoofable File Extensions
https://notcve.org/view.php?id=CVE-2001-0875
Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. • https://www.exploit-db.com/exploits/21164 https://www.exploit-db.com/exploits/641 http://www.securityfocus.com/archive/1/245594 http://www.securityfocus.com/bid/3597 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058 https://exchange.xforce.ibmcloud.com/vulnerabilities/7636 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1014 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0904
https://notcve.org/view.php?id=CVE-2001-0904
Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients. • http://marc.info/?l=bugtraq&m=100619268115798&w=2 http://www.iss.net/security_center/static/7581.php http://www.securityfocus.com/bid/3556 •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 1CVE-2001-0723
https://notcve.org/view.php?id=CVE-2001-0723
Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript, aka the "Second Cookie Handling Vulnerability." • http://www.securityfocus.com/bid/3546 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-055 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0667
https://notcve.org/view.php?id=CVE-2001-0667
Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150. • http://www.ciac.org/ciac/bulletins/m-024.shtml http://www.kb.cert.org/vuls/id/952611 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051 https://exchange.xforce.ibmcloud.com/vulnerabilities/7260 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 2.6EPSS: 0%CPEs: 8EXPL: 1CVE-2001-1450
https://notcve.org/view.php?id=CVE-2001-1450
Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./". • http://cert.uni-stuttgart.de/archive/vuln-dev/2001/05/msg00029.html http://www.kb.cert.org/vuls/id/199408 https://exchange.xforce.ibmcloud.com/vulnerabilities/10117 •