Description
Internet Explorer 5.5 and 5.01 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing vulnerability."
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by kikkert security · textremotewindows
https://www.exploit-db.com/exploits/21118
References (6)
Core 6
Core References
Various Sources x_refsource_misc
http://morph3us.org/blog/?p=31
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100281551611595&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/1971
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7258
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-051
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3420
Scores
EPSS
0.1381
EPSS Percentile
94.4%
Details
Status
published
Products (2)
microsoft/internet_explorer
5.01
microsoft/internet_explorer
5.5
Published
Oct 30, 2001
Tracked Since
Feb 18, 2026