PT-2000-1970 · Microsoft · Virtual Machine

Published

2000-12-11

Updated

2018-10-12

CVE-2000-1061

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Microsoft Virtual Machine versions 4.x through 5.x

Description The issue allows an unsigned applet to create and use ActiveX controls, enabling a remote attacker to bypass security settings and execute arbitrary commands via a malicious web page or email.

Recommendations For versions 4.x through 5.x, update the Microsoft Virtual Machine to a version that includes the fix for this issue, as the current version allows unsigned applets to bypass security settings.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-1061

Affected Products

Virtual Machine

PT-2000-1970 · Microsoft · Virtual Machine

CVE-2000-1061

Related Identifiers

Affected Products

References · 4