Arbitrary File Reading Vulnerability in Internet Explorer 5.0-5.5 ActiveX Control

Arbitrary File Reading Vulnerability in Internet Explorer 5.0-5.5 ActiveX Control

CVE-2001-0091 · LOW Severity

AV:N/AC:H/AU:N/C:P/I:N/A:N

The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a variant of the "Scriptlet Rendering" vulnerability.

Learn more about our Web Application Penetration Testing UK.