Vulnerability Description
Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | 4.0.1 |
References
- http://www.cert.org/advisories/CA-2000-16.htmlUS Government Resource
- http://www.securityfocus.com/bid/1398
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=000d01bfe0fb%2441
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589359.762392DB
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-04
- http://www.cert.org/advisories/CA-2000-16.htmlUS Government Resource
- http://www.securityfocus.com/bid/1398
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=000d01bfe0fb%2441
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589359.762392DB
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-04
FAQ
What is CVE-2000-0596?
CVE-2000-0596 is a vulnerability with a CVSS score of 7.5 (HIGH). Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to exec...
How severe is CVE-2000-0596?
CVE-2000-0596 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0596?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer.