CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 1CVE-2000-1061 – Microsoft Virtual Machine 2000/3100/3200/3300 Series - 'com.ms.activeX.ActiveXComponent' Arbitrary Program Execution
https://notcve.org/view.php?id=CVE-2000-1061
Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability. • https://www.exploit-db.com/exploits/20266 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-075 https://exchange.xforce.ibmcloud.com/vulnerabilities/5127 •
CVSS: 2.6EPSS: 0%CPEs: 9EXPL: 0CVE-2000-0768
https://notcve.org/view.php?id=CVE-2000-0768
A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability. • http://www.securityfocus.com/bid/1564 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-055 •
CVSS: 2.6EPSS: 0%CPEs: 14EXPL: 0CVE-2000-0519
https://notcve.org/view.php?id=CVE-2000-0519
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities. • http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt http://www.cert.org/advisories/CA-2000-10.html http://www.securityfocus.com/bid/1309 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/4627 •
CVSS: 2.6EPSS: 0%CPEs: 14EXPL: 0CVE-2000-0518
https://notcve.org/view.php?id=CVE-2000-0518
Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities. • http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt http://www.cert.org/advisories/CA-2000-10.html http://www.securityfocus.com/bid/1309 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/4624 •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2000-0160
https://notcve.org/view.php?id=CVE-2000-0160
The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. • http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=20000221103938.T21312%40securityfocus.com •