CVE-2000-0768 — LOW (2.6) — White Hats Nepal

Vulnerability Description

A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.

CVSS Score

2.6

LOW

AV:N/AC:H/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Microsoft	Ie	4.0
Microsoft	Internet Explorer	4.0

References

http://www.securityfocus.com/bid/1564PatchVendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-05
http://www.securityfocus.com/bid/1564PatchVendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-05

FAQ

What is CVE-2000-0768?

CVE-2000-0768 is a vulnerability with a CVSS score of 2.6 (LOW). A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Dom...

How severe is CVE-2000-0768?

CVE-2000-0768 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2000-0768?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Ie, Microsoft Internet Explorer.