CVE-2001-0727 | Vulnerability Database | Aqua Security

Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the File Execution Vulnerability.

Affected Software

Name	Vendor	Start Version	End Version
Internet_explorer	Microsoft	5.5 (including)	5.5 (including)
Internet_explorer	Microsoft	6.0 (including)	6.0 (including)

References

http://marc.info/?l=bugtraq\u0026m=100835204509262\u0026w=2
http://marc.info/?l=bugtraq\u0026m=100861273114437\u0026w=2
http://www.cert.org/advisories/CA-2001-36.html
http://www.ciac.org/ciac/bulletins/m-027.shtml
http://www.kb.cert.org/vuls/id/443699
http://www.osvdb.org/3033
http://www.securityfocus.com/bid/3578
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-058
https://exchange.xforce.ibmcloud.com/vulnerabilities/7703
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A921

NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-0727
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html