CVSS: 7.5EPSS: 86%CPEs: 1EXPL: 0CVE-2001-0339
https://notcve.org/view.php?id=CVE-2001-0339
27 Jun 2001 — Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." • http://www.ciac.org/ciac/bulletins/l-087.shtml •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0332
https://notcve.org/view.php?id=CVE-2001-0332
24 May 2001 — Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability. • http://marc.info/?l=bugtraq&m=98609031517525&w=2 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0246
https://notcve.org/view.php?id=CVE-2001-0246
24 May 2001 — Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-027 •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2001-1450
https://notcve.org/view.php?id=CVE-2001-1450
11 May 2001 — Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./". • http://cert.uni-stuttgart.de/archive/vuln-dev/2001/05/msg00029.html •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2001-0149 – Microsoft Windows Script Host 5.1/5.5 - 'GetObject()' File Disclosure
https://notcve.org/view.php?id=CVE-2001-0149
07 May 2001 — Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object. • https://www.exploit-db.com/exploits/20243 •
CVSS: 9.8EPSS: 6%CPEs: 4EXPL: 0CVE-2001-0002
https://notcve.org/view.php?id=CVE-2001-0002
07 May 2001 — Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs. • http://www.guninski.com/chmtempmain.html •
CVSS: 9.8EPSS: 51%CPEs: 1EXPL: 1CVE-2001-0150 – Microsoft Internet Explorer 5.0.1/5.5/6.0 - Telnet Client File Overwrite
https://notcve.org/view.php?id=CVE-2001-0150
07 May 2001 — Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which creates session transcripts. • https://www.exploit-db.com/exploits/20680 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 8.1EPSS: 23%CPEs: 2EXPL: 0CVE-2001-0154
https://notcve.org/view.php?id=CVE-2001-0154
03 May 2001 — HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. Funcionalidad HTML en Internet Explorer 5.5 y anteriores, que permite al atacante la ejecución de un archivo adjunto. Se consigue gracias al envío de cabeceras MIME inválidas para el adjunto que le permiten disfrazarse como un tipo de archivo no ejecutable. El correo electrónico vía HTML se representa en págin... • http://marc.info/?l=bugtraq&m=98596775905044&w=2 •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 2CVE-2001-1325 – Microsoft Internet Explorer 5.0/5.5 / OE 5.5 - XML Stylesheets Active Scripting
https://notcve.org/view.php?id=CVE-2001-1325
20 Apr 2001 — Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH). • https://www.exploit-db.com/exploits/20782 •
CVSS: 6.5EPSS: 2%CPEs: 3EXPL: 2CVE-2001-0322 – Microsoft Internet Explorer 4 / Outlook 2000/5.5 - 'MSHTML.dll' Crash
https://notcve.org/view.php?id=CVE-2001-0322
04 Apr 2001 — MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object. • https://www.exploit-db.com/exploits/20552 •