Lucene search

[email protected]CVE-2000-0329

HistoryJun 02, 2000 - 4:00 a.m.

CVE-2000-0329

2000-06-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0329

microsoft

activex

remote attack

html mail

active setup control

vulnerability

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.7%

JSON

A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the “Active Setup Control” vulnerability.

Affected configurations

NVD

Node

microsoftieMatch4.0windows_98

microsoftieMatch4.0windows_nt

microsoftieMatch4.0.1windows_95

microsoftieMatch4.0.1windows_98

microsoftieMatch4.0.1windows_nt

microsoftieMatch4.1windows_95

microsoftieMatch4.1windows_98

microsoftieMatch4.1windows_nt_4.0

microsoftieMatch5windows_nt_4.0

microsoftieMatch5.0windows_2000

microsoftieMatch5.0windows_95

microsoftieMatch5.0windows_98

microsoftinternet_explorerMatch4.0

microsoftoutlookMatch98

microsoftoutlookMatch2000

microsoftoutlook_expressMatch4.27.3110.1

microsoftoutlook_expressMatch4.72.2106.4

microsoftoutlook_expressMatch4.72.3120.0

microsoftoutlook_expressMatch4.72.3612.1700

microsoftoutlook_expressMatch5.0

CPENameOperatorVersion
microsoft:iemicrosoft ieeq4.0
microsoft:iemicrosoft ieeq4.0.1
microsoft:iemicrosoft ieeq4.1
microsoft:iemicrosoft ieeq5
microsoft:iemicrosoft ieeq5.0
microsoft:internet_explorermicrosoft internet explorereq4.0
microsoft:outlookmicrosoft outlookeq98
microsoft:outlookmicrosoft outlookeq2000
microsoft:outlook_expressmicrosoft outlook expresseq4.27.3110.1
microsoft:outlook_expressmicrosoft outlook expresseq4.72.2106.4

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	4.0
microsoft:ie	microsoft ie	eq	4.0.1
microsoft:ie	microsoft ie	eq	4.1
microsoft:ie	microsoft ie	eq	5
microsoft:ie	microsoft ie	eq	5.0
microsoft:internet_explorer	microsoft internet explorer	eq	4.0
microsoft:outlook	microsoft outlook	eq	98
microsoft:outlook	microsoft outlook	eq	2000
microsoft:outlook_express	microsoft outlook express	eq	4.27.3110.1
microsoft:outlook_express	microsoft outlook express	eq	4.72.2106.4

Rows per page:

1-10 of 131

References

docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.7%

JSON

Related for CVE-2000-0329

nvd1 cvelist1