CVSS: 7.6EPSS: 0%CPEs: 4EXPL: 0CVE-2000-0464
https://notcve.org/view.php?id=CVE-2000-0464
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. • http://www.microsoft.com/technet/support/kb.asp?ID=261257 http://www.securityfocus.com/bid/1223 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2000-0400 – Microsoft Active Movie Control 1.0 - Filetype
https://notcve.org/view.php?id=CVE-2000-0400
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post. • https://www.exploit-db.com/exploits/19928 http://marc.info/?l=bugtraq&m=95868514521257&w=2 http://www.securityfocus.com/bid/1221 • CWE-20: Improper Input Validation •
CVSS: 2.6EPSS: 0%CPEs: 6EXPL: 0CVE-2000-0439
https://notcve.org/view.php?id=CVE-2000-0439
Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability. • http://www.osvdb.org/1326 http://www.securityfocus.com/bid/1194 http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000511135609.D7774%40securityfocus.com http://www.securityfocus.com/templates/archive.pike?list=1&msg=NDBBKGHPMKBKDDGLDEEHAEHMDIAA.rms2000%40bellatlantic.net https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033 https://exchange.xforce.ibmcloud.com/vulnerabilities/4447 •
CVSS: 2.6EPSS: 1%CPEs: 2EXPL: 0CVE-2000-0266
https://notcve.org/view.php?id=CVE-2000-0266
Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL. • http://www.securityfocus.com/bid/1121 http://www.securityfocus.com/templates/archive.pike?list=1&msg=38FC6130.D6D178FD%40nat.bg •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2000-0201
https://notcve.org/view.php?id=CVE-2000-0201
The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. • http://www.securityfocus.com/bid/1033 •