CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2000-0201
https://notcve.org/view.php?id=CVE-2000-0201
The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. • http://www.securityfocus.com/bid/1033 •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2000-0160
https://notcve.org/view.php?id=CVE-2000-0160
The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. • http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=20000221103938.T21312%40securityfocus.com •
CVSS: 5.1EPSS: 0%CPEs: 9EXPL: 0CVE-2000-0162
https://notcve.org/view.php?id=CVE-2000-0162
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-011 •
CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 1CVE-2000-0156 – Microsoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 - preview Security Zone Settings Lag
https://notcve.org/view.php?id=CVE-2000-0156
Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. • https://www.exploit-db.com/exploits/19719 http://www.osvdb.org/7827 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-009 https://exchange.xforce.ibmcloud.com/vulnerabilities/3996 •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 1CVE-2000-0061 – Microsoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 - preview Security Zone Settings Lag
https://notcve.org/view.php?id=CVE-2000-0061
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading. • https://www.exploit-db.com/exploits/19719 http://www.securityfocus.com/bid/923 •