CVE-2001-0149

Published: Jun 2, 2001Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.

Affected (1)

Products: Microsoft: Internet Explorer

Microsoft

1 product

Internet Explorer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Up to 5.5

References (10)

http://archives.neohapsis.com/archives/bugtraq/2000-09/0305.html

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://marc.info/?l=ntbugtraq&m=96999020527583&w=2

Source: cve@mitre.org

http://www.securityfocus.com/bid/1718

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/5293

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2000-09/0305.html