CVSS: 6.4EPSS: 4%CPEs: 2EXPL: 2CVE-2001-0722 – Microsoft Internet Explorer 5/6 - Cookie Disclosure/Modification
https://notcve.org/view.php?id=CVE-2001-0722
Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability." • https://www.exploit-db.com/exploits/21144 http://marc.info/?l=bugtraq&m=100527618108521&w=2 http://www.ciac.org/ciac/bulletins/m-016.shtml http://www.osvdb.org/1982 http://www.securityfocus.com/archive/1/221612 http://www.securityfocus.com/bid/3513 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-055 https://exchange.xforce.ibmcloud.com/vulnerabilities/7486 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 3CVE-2001-0875 – Microsoft Internet Explorer 5.5/6.0 - Spoofable File Extensions
https://notcve.org/view.php?id=CVE-2001-0875
Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. • https://www.exploit-db.com/exploits/21164 https://www.exploit-db.com/exploits/641 http://www.securityfocus.com/archive/1/245594 http://www.securityfocus.com/bid/3597 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058 https://exchange.xforce.ibmcloud.com/vulnerabilities/7636 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1014 •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0919
https://notcve.org/view.php?id=CVE-2001-0919
Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow cookies to be stored on your machine" enabled does not warn a user when a cookie is set using Javascript. • http://marc.info/?l=bugtraq&m=100679857614967&w=2 •
CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 1CVE-2001-0807
https://notcve.org/view.php?id=CVE-2001-0807
Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file. • http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=189341 https://exchange.xforce.ibmcloud.com/vulnerabilities/6688 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0904
https://notcve.org/view.php?id=CVE-2001-0904
Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients. • http://marc.info/?l=bugtraq&m=100619268115798&w=2 http://www.iss.net/security_center/static/7581.php http://www.securityfocus.com/bid/3556 •