CVE-2000-0400

EPSS 18.18%
Published 13.05.2000 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post.

Affected products Warnungen 0 Metrics 2 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Internet Explorer Version5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	18.18%	0.946

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://marc.info/?l=bugtraq&m=95868514521257&w=2

http://www.securityfocus.com/bid/1221

https://nvd.nist.gov/vuln/detail/CVE-2000-0400

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2000-0400

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2000-0400

EUVD