CVE-2001-0664

high Microsoft
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
27.3%
Exploitation probability in 30 days
Top 4% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: October 30, 2001 (8962 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing vulnerability."

CWE

NVD-CWE-Other

Affected Products

microsoft internet explorer

References

🔗 marc.info 🔗 morph3us.org 🔗 www.osvdb.org 🔗 www.securityfocus.com 🔗 docs.microsoft.com