Unrated severityNVD Advisory· Published Jun 2, 2001· Updated Apr 16, 2026

CVE-2001-0149

Description

Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.

Affected products

Microsoft/Internet Explorer
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
Range: <=5.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2000-09/0305.htmlnvdExploitPatchVendor Advisory
marc.infonvd
www.securityfocus.com/bid/1718nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015nvd
exchange.xforce.ibmcloud.com/vulnerabilities/5293nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.033
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000