Vulnerabilities > CVE-2000-0061 - Unspecified vulnerability in Microsoft Internet Explorer

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
microsoft
critical
exploit available

Summary

Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.

Exploit-Db

descriptionMS IE 4.0/4.0.1/5.0/5.0.1/5.5 preview Security Zone Settings Lag Vulnerability. CVE-2000-0061,CVE-2000-0156. Remote exploit for windows platform
idEDB-ID:19719
last seen2016-02-02
modified2000-01-07
published2000-01-07
reporterGeorgi Guninski
sourcehttps://www.exploit-db.com/download/19719/
titleMicrosoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 preview Security Zone Settings Lag Vulnerability