VYPR
Unrated severityNVD Advisory· Published Dec 31, 2001· Updated Jun 16, 2026

CVE-2001-1497

CVE-2001-1497

Description

Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack.

Affected products

14
  • Microsoft/Ie6 versions
    cpe:2.3:a:microsoft:ie:4.0.1:*:windows_98:*:*:*:*:*+ 5 more
    • cpe:2.3:a:microsoft:ie:4.0.1:*:windows_98:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:4.0.1:*:windows_nt:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:4.0:*:windows_nt:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:4.1:*:windows_95:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:4.1:*:windows_98:*:*:*:*:*
    • cpe:2.3:a:microsoft:ie:4.1:*:windows_nt_4.0:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
    • (no CPE)range: 4.0 - 6.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.