CVE-2001-0338 — MEDIUM severity vulnerability (Internet Explorer 5.5 and earlier does not properly validate)
Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."
| CVE ID | CVE-2001-0338 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.1 |
| CVSS vector | AV:N/AC:H/Au:N/C:P/I:P/A:P |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2001-06-27 |
| Last modified | 2026-04-16 |
| Description | Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability." |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →