Unrated severityNVD Advisory· Published Dec 31, 2001· Updated Jun 16, 2026
CVE-2001-1497
CVE-2001-1497
Description
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack.
Affected products
14cpe:2.3:a:microsoft:ie:4.0.1:*:windows_98:*:*:*:*:*+ 5 more
- cpe:2.3:a:microsoft:ie:4.0.1:*:windows_98:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:4.0.1:*:windows_nt:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:4.0:*:windows_nt:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:4.1:*:windows_95:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:4.1:*:windows_98:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:4.1:*:windows_nt_4.0:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- (no CPE)range: 4.0 - 6.0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.