CVSS: 7.5EPSS: 86%CPEs: 1EXPL: 0CVE-2001-0339
https://notcve.org/view.php?id=CVE-2001-0339
Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." • http://www.ciac.org/ciac/bulletins/l-087.shtml http://www.osvdb.org/5694 http://www.securityfocus.com/bid/2737 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-027 https://exchange.xforce.ibmcloud.com/vulnerabilities/6556 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1096 •
CVSS: 5.1EPSS: 1%CPEs: 2EXPL: 0CVE-2001-0338
https://notcve.org/view.php?id=CVE-2001-0338
Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability." • http://www.ciac.org/ciac/bulletins/l-087.shtml http://www.securityfocus.com/bid/2735 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-027 https://exchange.xforce.ibmcloud.com/vulnerabilities/6555 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0246
https://notcve.org/view.php?id=CVE-2001-0246
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-027 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0332
https://notcve.org/view.php?id=CVE-2001-0332
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability. • http://marc.info/?l=bugtraq&m=98609031517525&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-027 •
CVSS: 2.6EPSS: 0%CPEs: 8EXPL: 1CVE-2001-1450
https://notcve.org/view.php?id=CVE-2001-1450
Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./". • http://cert.uni-stuttgart.de/archive/vuln-dev/2001/05/msg00029.html http://www.kb.cert.org/vuls/id/199408 https://exchange.xforce.ibmcloud.com/vulnerabilities/10117 •