CVE-2001-0338

Published: Jun 27, 2001Modified: Apr 16, 2026

5.1

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability: 4.9 / Impact: 6.4

Source: NVD

Description

Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."

Affected (2)

Products: Microsoft: Internet Explorer

1 product

Internet Explorer

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Up to 5.5
Microsoft Internet Explorer	Version 5.01

References (8)

http://www.ciac.org/ciac/bulletins/l-087.shtml

Source: cve@mitre.org

http://www.securityfocus.com/bid/2735

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-027

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/6555

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/l-087.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/2735

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-027

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/6555

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.