CVE-2000-0400

EPSS 16.35%
Veröffentlicht 13.05.2000 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	16.35%	0.945

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://marc.info/?l=bugtraq&m=95868514521257&w=2

http://www.securityfocus.com/bid/1221

https://nvd.nist.gov/vuln/detail/CVE-2000-0400

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2000-0400

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2000-0400

EUVD