CVSS: 2.6EPSS: 0%CPEs: 4EXPL: 0CVE-2000-0503
https://notcve.org/view.php?id=CVE-2000-0503
The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event. • http://archives.neohapsis.com/archives/win2ksecadvice/2000-q2/0154.html http://www.securityfocus.com/bid/1311 •
CVSS: 5.1EPSS: 63%CPEs: 4EXPL: 1CVE-2000-0465 – Microsoft Internet Explorer 4.0/5.0/5.5 preview/5.0.1 - DocumentComplete() Cross Frame Access
https://notcve.org/view.php?id=CVE-2000-0465
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability. • https://www.exploit-db.com/exploits/19939 http://www.microsoft.com/technet/support/kb.asp?ID=251108 http://www.microsoft.com/technet/support/kb.asp?ID=255676 http://www.securityfocus.com/bid/1224 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033 •
CVSS: 7.6EPSS: 0%CPEs: 4EXPL: 0CVE-2000-0464
https://notcve.org/view.php?id=CVE-2000-0464
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. • http://www.microsoft.com/technet/support/kb.asp?ID=261257 http://www.securityfocus.com/bid/1223 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033 •
CVSS: 2.6EPSS: 1%CPEs: 2EXPL: 0CVE-2000-0266
https://notcve.org/view.php?id=CVE-2000-0266
Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL. • http://www.securityfocus.com/bid/1121 http://www.securityfocus.com/templates/archive.pike?list=1&msg=38FC6130.D6D178FD%40nat.bg •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2000-0201
https://notcve.org/view.php?id=CVE-2000-0201
The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. • http://www.securityfocus.com/bid/1033 •