QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2001-0338

Back to search

CVE-2001-0338

Published: Sep 18, 2001

Modified: Aug 8, 2024

PUBLISHED

Description

Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

MS01-027
vendor-advisory
x_refsource_MS
ie-crl-certificate-spoofing(6555)
vdb-entry
x_refsource_XF
2735
vdb-entry
x_refsource_BID
L-087
third-party-advisory
government-resource
x_refsource_CIAC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now