Skip to content
High Published: Jul 21, 2001 Modified: Apr 03, 2025

CVE-2001-0340

7.5 CVSS Score High
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Export CVE-2001-0340 Data:
Share:
Link copied!

Description

An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Confidentiality P
Integrity P
Availability P

Affected Software Configurations

  • a microsoft exchange_server 5.5 - * * * * * *
  • a microsoft exchange_server 2000 - * * * * * *

Weaknesses (CWE)

  • CWE-434

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2001-1099 CVSS 0 Same weakness: CWE-434 CVE-2001-0901 CVSS 0 Same weakness: CWE-434 CVE-2002-1841 CVSS 0 Same weakness: CWE-434 CVE-2004-2262 CVSS 0 Same weakness: CWE-434 CVE-2005-0254 CVSS 3.7 Same weakness: CWE-434

CVE History Timeline

Jan 01, 2004 05:00 Initial Analysis
Oct 10, 2017 01:29 CVE Modified
Oct 12, 2018 21:30 CVE Modified
Apr 02, 2020 13:14 Modified Analysis
May 14, 2024 01:18 CVE Modified
Nov 20, 2024 23:35 CVE Modified
← Back to CVE Tracker