Skip to content
Medium Published: Sep 07, 2001 Modified: Apr 03, 2025

CVE-2001-1099

5 CVSS Score Medium
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Export CVE-2001-1099 Data:
Share:
Link copied!

Description

The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Confidentiality P
Integrity None
Availability None

Affected Software Configurations

  • a symantec norton_antivirus 2.5 * * * * * * *
  • a microsoft exchange_server 2000 - * * * * * *
  • a microsoft exchange_server 2000 sp1 * * * * * *

Weaknesses (CWE)

  • CWE-434

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2001-0340 CVSS 0 Same weakness: CWE-434 CVE-2001-0901 CVSS 0 Same weakness: CWE-434 CVE-2002-1841 CVSS 0 Same weakness: CWE-434 CVE-2004-2262 CVSS 0 Same weakness: CWE-434 CVE-2005-0254 CVSS 3.7 Same weakness: CWE-434

CVE History Timeline

Jan 01, 2004 05:00 Initial Analysis
Oct 10, 2017 01:30 CVE Modified
Apr 02, 2020 12:51 Modified Analysis
May 14, 2024 01:19 CVE Modified
Nov 20, 2024 23:36 CVE Modified
← Back to CVE Tracker