Remote Code Execution Vulnerability in Internet Explorer by Microsoft
CVE-2001-0002

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Script Host; Internet Explorer
Vendor: CVE Published:; 21 July 2001

What is CVE-2001-0002?

A security weakness exists in Internet Explorer 5.5 and earlier, allowing remote attackers to exploit the caching mechanism to retrieve the physical location of cached content. By manipulating this vulnerability, attackers can open this content within the Local Computer Zone and utilize compiled HTML help (.chm) files to execute arbitrary programs on the user's machine, posing a significant risk to system integrity and user information.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.osvdb.org/7823

vdb-entryx_refsource_OSVDB

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

14% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 21, 2001
Vulnerability Reserved
Jan 4, 2001