CVE-2001-0002

critical

Description

Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920

https://exchange.xforce.ibmcloud.com/vulnerabilities/5567

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015

http://www.securityfocus.com/bid/2456

http://www.osvdb.org/7823

http://www.guninski.com/chmtempmain.html

Details

Source: Mitre, NVD

Published: 2001-07-21

Updated: 2021-07-23

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics