Lucene search

[email protected]CVE-2000-0160

HistoryFeb 23, 2000 - 5:00 a.m.

CVE-2000-0160

2000-02-2305:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0160

internet explorer

activex

remote attack

software installation

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.3%

JSON

The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software’s manufacturer is Microsoft.

Affected configurations

NVD

Node

microsoftieMatch4.x

microsoftinternet_explorerMatch5

microsoftoutlook

CPENameOperatorVersion
microsoft:iemicrosoft ieeq4.x
microsoft:internet_explorermicrosoft internet explorereq5
microsoft:outlookmicrosoft outlookeq*

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	4.x
microsoft:internet_explorer	microsoft internet explorer	eq	5
microsoft:outlook	microsoft outlook	eq	*

References

www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=20000221103938.T21312%40securityfocus.com

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.3%

JSON

Related for CVE-2000-0160

nvd1 cvelist1