CVE-2001-0338

Sažetak

Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."

Reference

http://www.ciac.org/ciac/bulletins/l-087.shtml
http://www.securityfocus.com/bid/2735
https://exchange.xforce.ibmcloud.com/vulnerabilities/6555
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-027

CVSS

Base:	5.1
Impact:	6.4
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

23-07-2021 - 12:18

Objavljeno

27-06-2001 - 04:00