High severity7.3NVD Advisory· Published Oct 30, 2001· Updated Apr 16, 2026

CVE-2001-0667

Description

Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant of the Telnet Invocation vulnerability as described in CVE-2001-0150.

Affected products

Microsoft/Internet Explorer
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
Range: <=6.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051nvdPatchVendor Advisory
www.kb.cert.org/vuls/id/952611nvdThird Party AdvisoryUS Government Resource
exchange.xforce.ibmcloud.com/vulnerabilities/7260nvdThird Party AdvisoryVDB Entry
www.ciac.org/ciac/bulletins/m-024.shtmlnvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.474
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000