CVE-2001-0667
Last modified
CVE-2001-0667 is a high-severity vulnerability rated 7.3/10 on the CVSS scale. Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150.. EPSS estimates a 14.68% chance of exploitation in the next 30 days.
Description
Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | <= 6.0 |
References
- http://www.kb.cert.org/vuls/id/952611Third Party Advisory, US Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7260Third Party Advisory, VDB Entry
- http://www.kb.cert.org/vuls/id/952611Third Party Advisory, US Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7260Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2001-0667?
How severe is CVE-2001-0667?
How do I fix CVE-2001-0667?
Are you affected by CVE-2001-0667?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST