CVE-2001-0338

Description

Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."

Related CPE's

Could not find any relations

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:H/Au:N/C:P/I:P/A:P

AccessVector

NETWORK

AccessComplexity

HIGH

Authentication

NONE

ConfidentialityImpact

PARTIAL

IntegrityImpact

PARTIAL

AvailabilityImpact

PARTIAL

BaseScore

5.099999904632568