CVE-2001-0154 (GCVE-0-2001-0154)
Vulnerability from cvelistv5 – Published: 2001-05-07 04:00 – Updated: 2024-08-08 04:06
Summary
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
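Severity
No CVSS data available in the CVE record itself (the CNA container carries no metrics). The NVD enrichment embedded further down this page under `vulnerability-lookup:meta` rates it CVSS v2 7.5 (HIGH), vector AV:N/AC:L/Au:N/C:P/I:P/A:P.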
CWE
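- n/a (the CNA record assigns no CWE; the NVD enrichment under `vulnerability-lookup:meta` lists NVD-CWE-Other)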
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:55.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CA-2001-06",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2001-06.html"
},
{
"name": "MS01-020",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-020"
},
{
"name": "2524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2524"
},
{
"name": "1001197",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1001197"
},
{
"name": "ie-mime-execute-code(6306)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6306"
},
{
"name": "L-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/l-066.shtml"
},
{
"name": "oval:org.mitre.oval:def:141",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A141"
},
{
"name": "20010330 Incorrect MIME Header Can Cause IE to Execute E-mail Attachment",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98596775905044\u0026w=2"
},
{
"name": "7806",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7806"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CA-2001-06",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2001-06.html"
},
{
"name": "MS01-020",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-020"
},
{
"name": "2524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2524"
},
{
"name": "1001197",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1001197"
},
{
"name": "ie-mime-execute-code(6306)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6306"
},
{
"name": "L-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/l-066.shtml"
},
{
"name": "oval:org.mitre.oval:def:141",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A141"
},
{
"name": "20010330 Incorrect MIME Header Can Cause IE to Execute E-mail Attachment",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98596775905044\u0026w=2"
},
{
"name": "7806",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7806"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0154",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CA-2001-06",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-06.html"
},
{
"name": "MS01-020",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-020"
},
{
"name": "2524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2524"
},
{
"name": "1001197",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1001197"
},
{
"name": "ie-mime-execute-code(6306)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6306"
},
{
"name": "L-066",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/l-066.shtml"
},
{
"name": "oval:org.mitre.oval:def:141",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A141"
},
{
"name": "20010330 Incorrect MIME Header Can Cause IE to Execute E-mail Attachment",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98596775905044\u0026w=2"
},
{
"name": "7806",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7806"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0154",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2001-02-10T00:00:00",
"dateUpdated": "2024-08-08T04:06:55.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.5\", \"matchCriteriaId\": \"7BDFCFCB-6E90-4F29-9852-A3099DF05843\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6219D36E-9E2C-4DC7-8FD5-FAD144A333F6\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.\"}, {\"lang\": \"es\", \"value\": \"Funcionalidad HTML en Internet Explorer 5.5 y anteriores, que permite al atacante la ejecuci\\u00f3n de un archivo adjunto. Se consigue gracias al env\\u00edo de cabeceras MIME inv\\u00e1lidas para el adjunto que le permiten disfrazarse como un tipo de archivo no ejecutable. \\r\\n\\r\\nEl correo electr\\u00f3nico v\\u00eda HTML se representa en p\\u00e1ginas web que el explorador es capaz de interpretar. Cuando el correo contiene ficheros adjuntos el Explorador tambi\\u00e9n es capaz de abrir la aplicaci\\u00f3n asociada a los ficheros binarios adjuntos cuyo tipo (extensi\\u00f3n de archivo) est\\u00e1 definido en las cabeceras MIME. \\r\\n\\r\\nSin embargo, existe un defecto en el tipo de tratamiento que es especificado para ciertos tipos MIME sin identificar. Si un atacante crea un correo HTML conteniendo un fichero adjunto ejecutable y le sustituye la informaci\\u00f3n de cabecera MIME por otra, que contiene un tipo de archivo MIME reconocido, provocar\\u00eda la ejecuci\\u00f3n autom\\u00e1tica del adjunto.\\r\\n\\r\\nUn atacante podr\\u00eda usar esta vulnerabilidad en cualquiera de estos dos escenarios.\\r\\n\\r\\nEl atacante pod\\u00edra generar un correo electr\\u00f3nico HTML infectado sobre un sitio web \\u00fd despues intentar convencer a otro usuario para que los visite. 
El fichero adjunto ser\\u00eda ejecutado autom\\u00e1ticamente simplemente por visualizar la p\\u00e1gina que muestra la lista de mensajes.\\r\\n\\r\\nEn el otro supuesto, el atacante conseguir\\u00eda su objetivo envi\\u00e1ndo directamente el correo HTML a la direcci\\u00f3n del ususario que desea infectar.\\r\\n\\r\\nEn ambos supuestos la ejecuci\\u00f3n del adjunto est\\u00e1 limitada a los privilegios de sistema que tenga establecidos el ususario.\"}]",
"id": "CVE-2001-0154",
"lastModified": "2024-11-20T23:34:43.780",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
"published": "2001-05-03T04:00:00.000",
"references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=98596775905044\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1001197\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cert.org/advisories/CA-2001-06.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.ciac.org/ciac/bulletins/l-066.shtml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/7806\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/2524\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-020\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/6306\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A141\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=98596775905044\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1001197\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cert.org/advisories/CA-2001-06.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.ciac.org/ciac/bulletins/l-066.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/7806\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/2524\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-020\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/6306\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": 
\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A141\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2001-0154\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2001-05-03T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.\"},{\"lang\":\"es\",\"value\":\"Funcionalidad HTML en Internet Explorer 5.5 y anteriores, que permite al atacante la ejecuci\u00f3n de un archivo adjunto. Se consigue gracias al env\u00edo de cabeceras MIME inv\u00e1lidas para el adjunto que le permiten disfrazarse como un tipo de archivo no ejecutable. \\r\\n\\r\\nEl correo electr\u00f3nico v\u00eda HTML se representa en p\u00e1ginas web que el explorador es capaz de interpretar. Cuando el correo contiene ficheros adjuntos el Explorador tambi\u00e9n es capaz de abrir la aplicaci\u00f3n asociada a los ficheros binarios adjuntos cuyo tipo (extensi\u00f3n de archivo) est\u00e1 definido en las cabeceras MIME. \\r\\n\\r\\nSin embargo, existe un defecto en el tipo de tratamiento que es especificado para ciertos tipos MIME sin identificar. Si un atacante crea un correo HTML conteniendo un fichero adjunto ejecutable y le sustituye la informaci\u00f3n de cabecera MIME por otra, que contiene un tipo de archivo MIME reconocido, provocar\u00eda la ejecuci\u00f3n autom\u00e1tica del adjunto.\\r\\n\\r\\nUn atacante podr\u00eda usar esta vulnerabilidad en cualquiera de estos dos escenarios.\\r\\n\\r\\nEl atacante pod\u00edra generar un correo electr\u00f3nico HTML infectado sobre un sitio web \u00fd despues intentar convencer a otro usuario para que los visite. 
El fichero adjunto ser\u00eda ejecutado autom\u00e1ticamente simplemente por visualizar la p\u00e1gina que muestra la lista de mensajes.\\r\\n\\r\\nEn el otro supuesto, el atacante conseguir\u00eda su objetivo envi\u00e1ndo directamente el correo HTML a la direcci\u00f3n del ususario que desea infectar.\\r\\n\\r\\nEn ambos supuestos la ejecuci\u00f3n del adjunto est\u00e1 limitada a los privilegios de sistema que tenga establecidos el ususario.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.5\",\"matchCriteriaId\":\"7BDFCFCB-6E90-4F29-9852-A3099DF05843\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6219D36E-9E2C-4DC7-8FD5-FAD144A333F6\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=98596775905044\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1001197\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cert.org/advisories/CA-2001-06.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government 
Resource\"]},{\"url\":\"http://www.ciac.org/ciac/bulletins/l-066.shtml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/7806\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/2524\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-020\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/6306\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A141\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=98596775905044\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1001197\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cert.org/advisories/CA-2001-06.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.ciac.org/ciac/bulletins/l-066.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/7806\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/2524\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/6306\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A141\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.