CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0904
https://notcve.org/view.php?id=CVE-2001-0904
Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients. • http://marc.info/?l=bugtraq&m=100619268115798&w=2 http://www.iss.net/security_center/static/7581.php http://www.securityfocus.com/bid/3556 •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 1CVE-2001-0723
https://notcve.org/view.php?id=CVE-2001-0723
Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript, aka the "Second Cookie Handling Vulnerability." • http://www.securityfocus.com/bid/3546 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-055 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2001-0724
https://notcve.org/view.php?id=CVE-2001-0724
Internet Explorer 5.5 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing Vulnerability variant" of CVE-2001-0664. • http://www.osvdb.org/5556 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-055 https://exchange.xforce.ibmcloud.com/vulnerabilities/8471 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0667
https://notcve.org/view.php?id=CVE-2001-0667
Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150. • http://www.ciac.org/ciac/bulletins/m-024.shtml http://www.kb.cert.org/vuls/id/952611 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051 https://exchange.xforce.ibmcloud.com/vulnerabilities/7260 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 1CVE-2001-0664 – Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055)
https://notcve.org/view.php?id=CVE-2001-0664
Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing vulnerability." • https://www.exploit-db.com/exploits/21118 http://marc.info/?l=bugtraq&m=100281551611595&w=2 http://morph3us.org/blog/?p=31 http://www.osvdb.org/1971 http://www.securityfocus.com/bid/3420 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051 https://exchange.xforce.ibmcloud.com/vulnerabilities/7258 •