Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0160

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2000-0160
Last Modified 10 Sep 2008 03:03:07
Published 21 Feb 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2000-0160

Summary

The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.

Vulnerable Systems

Application

  • Microsoft Ie 4.x

  • Microsoft Ie 5

  • Microsoft Outlook


References

BUGTRAQ - 20000221 Microsoft signed software can be install software without prompting users


Last Updated: 27 May 2016 10:35:35