CVE-2000-0662
Current Description
Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED).
Basic Data
| Published | July 14, 2000 |
|---|
| Last Modified | October 10, 2017 |
|---|
| Assigner | cve@mitre.org |
|---|
| Data Type | CVE |
|---|
| Data Format | MITRE |
|---|
| Data Version | 4.0 |
|---|
| Problem Type | NVD-CWE-Other |
|---|
| CVE Data Version | 4.0 |
|---|
Base Metric V2
| CVSS 2 - Version | 2.0 |
|---|
| CVSS 2 - Vector String | AV:N/AC:L/Au:N/C:P/I:N/A:N |
|---|
| CVSS 2 - Access Vector | NETWORK |
|---|
| CVSS 2 - Access Complexity | LOW |
|---|
| CVSS 2 - Authentication | NONE |
|---|
| CVSS 2 - Confidentiality Impact | PARTIAL |
|---|
| CVSS 2 - Availability Impact | NONE |
|---|
| CVSS 2 - Base Score | 5.0 |
|---|
| Severity | MEDIUM |
|---|
| Exploitability Score | 10.0 |
|---|
| Impact Score | 2.9 |
|---|
| Obtain All Privilege | false |
|---|
| Obtain User Privilege | false |
|---|
| Obtain Other Privilege | false |
|---|
Base Metric V3
No data provided.
Configurations
-
OR - Configuration 1
| Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
|---|
| 2.3 | Application | Microsoft | Ie | 5.01 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Microsoft | Ie | 5.5 | * | * | * | * | * | * | * | � | � | � | � |
Vulnerable Software List
References
| Name | Source | URL | Tags |
|---|
| 1474 | http://www.securityfocus.com/bid/1474 | BID | |
| 20000714 IE 5.5 and 5.01 vulnerability - reading at least local and from any host text and parsed html files | http://www.securityfocus.com/templates/archive.pike?list=1&msg=396EF9D5.62EEC625@nat.bg | BUGTRAQ | Exploit Vendor Advisory |
| ie-dhtmled-file-read(5107) | https://exchange.xforce.ibmcloud.com/vulnerabilities/5107 | XF | |
Follow @discotekdotca