CVE-2000-1034 : Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary comma

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.

Published 2000-12-11 05:00:00

Updated 2018-10-12 21:29:55

Source MITRE

View at NVD, CVE.org

Vulnerability category: Overflow

Exploit prediction scoring system (EPSS) score for CVE-2000-1034

Probability of exploitation activity in the next 30 days: 0.11%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 44 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2000-1034

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2000-1034

Products affected by CVE-2000-1034

Microsoft » Windows 2000
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2000-1034

Exploit prediction scoring system (EPSS) score for CVE-2000-1034

CVSS scores for CVE-2000-1034

References for CVE-2000-1034

Products affected by CVE-2000-1034