CVE-2000-0329

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2000-0329
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.

5.1 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:ie:4.0:*:windows_98:*:*:*:*:*
cpe:2.3:a:microsoft:ie:4.0:*:windows_nt:*:*:*:*:*
cpe:2.3:a:microsoft:ie:4.0.1:*:windows_95:*:*:*:*:*
cpe:2.3:a:microsoft:ie:4.0.1:*:windows_98:*:*:*:*:*
cpe:2.3:a:microsoft:ie:4.0.1:*:windows_nt:*:*:*:*:*
cpe:2.3:a:microsoft:ie:4.1:*:windows_95:*:*:*:*:*
cpe:2.3:a:microsoft:ie:4.1:*:windows_98:*:*:*:*:*
cpe:2.3:a:microsoft:ie:4.1:*:windows_nt_4.0:*:*:*:*:*
cpe:2.3:a:microsoft:ie:5:*:windows_nt_4.0:*:*:*:*:*
cpe:2.3:a:microsoft:ie:5.0:*:windows_2000:*:*:*:*:*
cpe:2.3:a:microsoft:ie:5.0:*:windows_95:*:*:*:*:*
cpe:2.3:a:microsoft:ie:5.0:*:windows_98:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:98:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook_express:4.27.3110.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook_express:4.72.2106.4:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook_express:4.72.3120.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook_express:4.72.3612.1700:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook_express:5.0:*:*:*:*:*:*:*
History

20 Nov 2024, 23:32

Type Values Removed Values Added
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048 -

22 Jul 2021, 13:53

Type Values Removed Values Added
CPE cpe:2.3:a:microsoft:ie:4.0:*:*:*:*:*:*:* cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
Information

Published : 1999-11-11 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2000-0329

Mitre link : CVE-2000-0329

CVE.ORG link : CVE-2000-0329

JSON object : View

Products Affected

microsoft

  • internet_explorer
  • ie
  • outlook
  • outlook_express
CWE
NVD-CWE-Other