Lucene search

[email protected]CVE-2000-0160

HistoryFeb 21, 2000 - 5:00 a.m.

CVE-2000-0160

2000-02-2105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0160

internet explorer

activex

remote attack

software installation

7.3 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.9%

JSON

The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software’s manufacturer is Microsoft.

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5
microsoft:iemicrosoft ieeq4.x
microsoft:outlookmicrosoft outlookeq*

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5
microsoft:ie	microsoft ie	eq	4.x
microsoft:outlook	microsoft outlook	eq	*

References

www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=20000221103938.T21312%40securityfocus.com

7.3 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

73.9%

JSON