CVE-2001-0003

Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.

Published: Feb 12, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0003
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / office	2000	2000.x
microsoft / windows_nt	-	-
microsoft / windows_2000	-	-
microsoft / windows_me	-	-

http://www.securityfocus.com/bid/2199
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-001
https://exchange.xforce.ibmcloud.com/vulnerabilities/5920

Vulnerability Database

289,599

CVE-2001-0003