← CVECheck
HomeVulnerabilities

CVE-2001-0338 — MEDIUM severity vulnerability (Internet Explorer 5.5 and earlier does not properly validate)

Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."

CVE IDCVE-2001-0338
SeverityMEDIUM
CVSS score5.1
CVSS vectorAV:N/AC:H/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-06-27
Last modified2026-04-16
DescriptionInternet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →