CVE-2001-0149

Description

Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.

Related CPE's

Could not find any relations

References

20000926 IE 5.5/Outlook Express security vulnerability - GetObject() expose user's files

ExploitPatchVendor Advisory

1718

20000926 IE 5.5/Outlook Express security vulnerability - GetObject() expose user's files

ie-getobject-expose-files(5293)

MS01-015

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version	2.0
VectorString	AV:N/AC:L/Au:N/C:P/I:N/A:N
AccessVector	NETWORK
AccessComplexity	LOW
Authentication	NONE
ConfidentialityImpact	PARTIAL
IntegrityImpact	NONE
AvailabilityImpact	NONE
BaseScore	5

Created by Yello

About Severity.io