Published: 20/04/2001 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote malicious users to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH).

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft outlook express 5.0
microsoft outlook express 5.5
microsoft internet explorer 5.0
microsoft internet explorer 5.5

source: wwwsecurityfocuscom/bid/2633/info A vulnerability exists in the handling of XML stylesheets in Internet Explorer and Outlook Express If active scripting is disabled in all security zones, IE and OE will still allow script to run if it is contained in the stylesheet of an XML page From: "georgi" Subject: xstyle Date: MIME-Ver ...

NVD-CWE-Other http://www.securityfocus.com/bid/2633 https://exchange.xforce.ibmcloud.com/vulnerabilities/6448 http://www.securityfocus.com/archive/1/3AE02004.57FDF958%40guninski.com https://nvd.nist.gov https://www.exploit-db.com/exploits/20782/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2001-1325

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect