CVE-2001-0003
Published Feb 12, 2001
Last updated 6 years ago
Overview
- Description
- Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9A82D13-513C-46FA-AF51-0582233E230A"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0"
}
],
"operator": "OR"
}
]
}
]