CVE-2001-0002

Published: Jul 21, 2001Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.

Affected (4)

Products: Microsoft: Internet Explorer, Windows Script Host

2 products

Internet Explorer

Windows Script Host

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Up to 5.5
Microsoft Internet Explorer	Version 5.01
Microsoft Windows Script Host	Version 5.1
Microsoft Windows Script Host	Version 5.5

References (12)

http://www.guninski.com/chmtempmain.html

Source: cve@mitre.org

http://www.osvdb.org/7823

Source: cve@mitre.org

http://www.securityfocus.com/bid/2456

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/5567

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920

Source: cve@mitre.org

http://www.guninski.com/chmtempmain.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/7823

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/2456

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/5567

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.