Vulnerability Details : CVE-2000-0596
Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability.
Exploit prediction scoring system (EPSS) score for CVE-2000-0596
Probability of exploitation activity in the next 30 days: 0.88%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 82 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2000-0596
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2000-0596
-
http://www.securityfocus.com/templates/archive.pike?list=1&msg=000d01bfe0fb$418f59b0$96217aa8@src.bu.edu
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049
-
http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589359.762392DB@nat.bg
Exploit;Patch;Vendor Advisory
-
http://www.cert.org/advisories/CA-2000-16.html
US Government Resource
-
http://www.securityfocus.com/bid/1398
Products affected by CVE-2000-0596
- cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*