Lucene search

[email protected]CVE-2000-0596

HistoryJun 27, 2000 - 4:00 a.m.

CVE-2000-0596

2000-06-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0596

internet explorer

security vulnerability

access database

activex

html object

remote attackers.

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the “IE Script” vulnerability.

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5
microsoft:internet_explorermicrosoft internet explorereq4.0.1

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5
microsoft:internet_explorer	microsoft internet explorer	eq	4.0.1

References

www.cert.org/advisories/CA-2000-16.html

www.securityfocus.com/bid/1398

www.securityfocus.com/templates/archive.pike?list=1&msg=000d01bfe0fb%24418f59b0%2496217aa8%40src.bu.edu

www.securityfocus.com/templates/archive.pike?list=1&msg=39589359.762392DB%40nat.bg

docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

Related for CVE-2000-0596

cert1