| Vulnerability Name: | CVE-2001-0090 (CCN-5614) | ||||||||
| Assigned: | 2000-12-01 | ||||||||
| Published: | 2000-12-01 | ||||||||
| Updated: | 2021-07-23 | ||||||||
| Summary: | The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability. | ||||||||
| CVSS v3 Severity: | 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2001-0090 Source: CCN Type: US-CERT VU#820957 Microsoft Internet Explorer 5.5 print template ActiveX control allows arbitrary command execution Source: CCN Type: Microsoft Security Bulletin MS00-093 Patch Available for "Browser Print Template" and "File Upload via Form" Vulnerabilities Source: CCN Type: Microsoft Security Bulletin MS01-015 IE can Divulge Location of Cached Content Source: CCN Type: Microsoft Security Bulletin MS01-027 Flaws in Web Server Certificate Validation Could Enable Spoofing Source: CCN Type: OSVDB ID: 7821 Microsoft IE Print Templates Feature Arbitrary ActiveX Execution Source: BID Type: Patch, Vendor Advisory 2046 Source: CCN Type: BID-2046 Microsoft Internet Explorer 5.5 Print Template ActiveX Vulnerability Source: MS Type: UNKNOWN MS00-093 Source: XF Type: UNKNOWN ie-print-template(5614) Source: XF Type: UNKNOWN ie-print-template(5614) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||