Unrated severityNVD Advisory· Published Jul 21, 2001· Updated Apr 16, 2026

CVE-2001-0002

Description

Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.

Affected products

Microsoft/Internet Explorer2 versions
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*range: <=5.5
- cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
Microsoft/Windows Script Host2 versions
cpe:2.3:a:microsoft:windows_script_host:5.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:windows_script_host:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:windows_script_host:5.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.guninski.com/chmtempmain.htmlnvd
www.osvdb.org/7823nvd
www.securityfocus.com/bid/2456nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015nvd
exchange.xforce.ibmcloud.com/vulnerabilities/5567nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.020
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000