CVE-2001-0643

Published: Sep 20, 2001Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing dangerous programs by making it appear that the document is of a safe file type.

Affected (1)

Products: Microsoft: Internet Explorer

Microsoft

1 product

Internet Explorer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 5.5

References (14)

http://vil.nai.com/vil/virusSummary.asp?virus_k=99048

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.guninski.com/clsidext.html

Source: cve@mitre.org

http://www.osvdb.org/7858

Source: cve@mitre.org

http://www.sarc.com/avcenter/venc/data/vbs.postcard%40mm.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/176909

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.securityfocus.com/bid/2612

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/6426

Source: cve@mitre.org

http://vil.nai.com/vil/virusSummary.asp?virus_k=99048