PT-2000-1342 · Microsoft · Internet Explorer+1

Published

2000-05-13

Updated

2016-11-07

CVE-2000-0400

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Internet Explorer 5

Description The issue allows an attacker to download any type of file to a user's system by encoding it within an email message or news post, due to the lack of restriction on downloadable file types by the Microsoft Active Movie ActiveX Control in Internet Explorer.

Recommendations For Internet Explorer 5, consider restricting the use of the Microsoft Active Movie ActiveX Control until a patch is available.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2000-0400

Affected Products

Active Movie Activex Control

Internet Explorer

PT-2000-1342 · Microsoft · Internet Explorer+1

CVE-2000-0400

Weakness Enumeration

Related Identifiers

Affected Products

References · 4