| Vulnerability Name: | CVE-2001-0339 (CCN-6556) | ||||||||
| Assigned: | 2001-05-16 | ||||||||
| Published: | 2001-05-16 | ||||||||
| Updated: | 2021-07-23 | ||||||||
| Summary: | Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| References: | Source: MITRE Type: CNA CVE-2001-0339 Source: CCN Type: CIAC Information Bulletin L-087 Microsoft Internet Explorer Flaws in Certificate Validation Source: CIAC Type: UNKNOWN L-087 Source: CCN Type: US-CERT VU#988768 Microsoft Internet Explorer (IE) permits modification of URL displayed in address bar Source: CCN Type: Microsoft Security Bulletin MS01-027 Flaws in Web Server Certificate Validation Could Enable Spoofing Source: OSVDB Type: UNKNOWN 5694 Source: CCN Type: OSVDB ID: 5694 Microsoft IE Address Bar URL Spoofing Source: BID Type: UNKNOWN 2737 Source: CCN Type: BID-2737 Microsoft IE SSL Spoofing Vulnerability Source: MS Type: UNKNOWN MS01-027 Source: XF Type: UNKNOWN ie-html-url-spoofing(6556) Source: XF Type: UNKNOWN ie-html-url-spoofing(6556) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1096 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||