CVSS: 7.6EPSS: 0%CPEs: 4EXPL: 0CVE-2000-0464
https://notcve.org/view.php?id=CVE-2000-0464
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. • http://www.microsoft.com/technet/support/kb.asp?ID=261257 http://www.securityfocus.com/bid/1223 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033 •
CVSS: 2.6EPSS: 1%CPEs: 2EXPL: 0CVE-2000-0266
https://notcve.org/view.php?id=CVE-2000-0266
Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL. • http://www.securityfocus.com/bid/1121 http://www.securityfocus.com/templates/archive.pike?list=1&msg=38FC6130.D6D178FD%40nat.bg •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2000-0201
https://notcve.org/view.php?id=CVE-2000-0201
The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. • http://www.securityfocus.com/bid/1033 •
CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 1CVE-2000-0156 – Microsoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 - preview Security Zone Settings Lag
https://notcve.org/view.php?id=CVE-2000-0156
Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. • https://www.exploit-db.com/exploits/19719 http://www.osvdb.org/7827 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-009 https://exchange.xforce.ibmcloud.com/vulnerabilities/3996 •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 1CVE-2000-0061 – Microsoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 - preview Security Zone Settings Lag
https://notcve.org/view.php?id=CVE-2000-0061
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading. • https://www.exploit-db.com/exploits/19719 http://www.securityfocus.com/bid/923 •