VDB
CVE-2001-0154
CVE-2001-0154
PUBLISHED
CVSS 7.5 HIGH
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
EPSS 16.80% · 95.1th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
16.80%
95.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| microsoft | internet_explorer | 5.01, 0 |
Timeline
- May 3, 2001 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- CA-2001-06 third-party-advisory
- MS01-020 vendor-advisory
- 2524 vdb
- 1001197 vdb
- ie-mime-execute-code(6306) vdb
- L-066 third-party-advisory
- oval:org.mitre.oval:def:141 vdb
- 20010330 Incorrect MIME Header Can Cause IE to Execute E-mail Attachment mailing-list
- 7806 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2001-0154 advisory