CVE-2001-1325

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH).

Published: Apr 20, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-1325
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / outlook_express	5.0	5.0.x
microsoft / outlook_express	5.5	5.5.x
microsoft / internet_explorer	5.0	5.0.x
microsoft / internet_explorer	5.5	5.5.x

http://www.securityfocus.com/archive/1/[email protected]
http://www.securityfocus.com/archive/1/3AE02004.57FDF958%40guninski.com
http://www.securityfocus.com/bid/2633
https://exchange.xforce.ibmcloud.com/vulnerabilities/6448

Vulnerability Database

289,599

CVE-2001-1325