Vulnerabilities > CVE-2000-0061 - Unspecified vulnerability in Microsoft Internet Explorer

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

microsoft

critical

exploit available

NVD

Published: 2000-01-07

Updated: 2021-07-23

Summary

Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 4.0 Microsoft Internet Explorer 5.0 Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 4.0.1 Microsoft Internet Explorer 5.01	5

Exploit-Db

description	MS IE 4.0/4.0.1/5.0/5.0.1/5.5 preview Security Zone Settings Lag Vulnerability. CVE-2000-0061,CVE-2000-0156. Remote exploit for windows platform
id	EDB-ID:19719
last seen	2016-02-02
modified	2000-01-07
published	2000-01-07
reporter	Georgi Guninski
source	https://www.exploit-db.com/download/19719/
title	Microsoft Internet Explorer 4.0/4.0.1/5.0/5.0.1/5.5 preview Security Zone Settings Lag Vulnerability

References

http://www.securityfocus.com/bid/923