CVE-2001-0664

Internet Explorer <5.5-5.01 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0664. PoCs published by kikkert security.

AI-analyzed exploit summary This is a writeup describing a vulnerability in Microsoft Internet Explorer where converting an IP address to a dotless DWORD format and using URL encoding for the '@' symbol can bypass zone security settings, allowing a site to be treated as Local Intranet instead of Internet Zone.

Description

Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing vulnerability."

Exploits (1)

exploitdb WRITEUP VERIFIED
by kikkert security · textremotewindows
https://www.exploit-db.com/exploits/21118

This is a writeup describing a vulnerability in Microsoft Internet Explorer where converting an IP address to a dotless DWORD format and using URL encoding for the '@' symbol can bypass zone security settings, allowing a site to be treated as Local Intranet instead of Internet Zone.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Internet Explorer (versions affected by CVE-2001-0664)
No auth needed
Prerequisites: Knowledge of target IP address · Ability to craft a malicious URL
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Various Sources x_refsource_misc
http://morph3us.org/blog/?p=31
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100281551611595&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/1971
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7258
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3420

Scores

EPSS 0.1819
EPSS Percentile 96.9%

Details

Status published
Products (2)
microsoft/internet_explorer 5.01
microsoft/internet_explorer 5.5
Published Oct 30, 2001
Tracked Since Feb 18, 2026