CVE-2000-0596
7.5
CVSS SCORE
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Description
Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Affected Software Configurations
- a microsoft internet_explorer 4.0.1 sp2 * * * * * *
- a microsoft internet_explorer 5 * * * * * * *
Weaknesses (CWE)
- NVD-CWE-Other
References & External Links
- http://www.cert.org/advisories/CA-2000-16.html
- http://www.securityfocus.com/bid/1398
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=000d01bfe0fb%24418f59b0%2496217aa8%40src.bu.edu
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589359.762392DB%40nat.bg
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049
- http://www.cert.org/advisories/CA-2000-16.html
- http://www.securityfocus.com/bid/1398
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=000d01bfe0fb%24418f59b0%2496217aa8%40src.bu.edu
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589359.762392DB%40nat.bg
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049