CVE-2001-0089

Internet Explorer <5.6 - Info Disclosure

Title source: llm

Description

Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Key · htmlremotewindows

https://www.exploit-db.com/exploits/20459

View Code ZIP pw:eip

References (2)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/5615

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-093

Scores

EPSS 0.3830

EPSS Percentile 97.2%

Details

Status published

Products (3)

microsoft/internet_explorer 5.0

microsoft/internet_explorer 5.01

microsoft/internet_explorer < 5.5

Published Feb 16, 2001

Tracked Since Feb 18, 2026