Vulnerabilities > CVE-2000-0329 - Unspecified vulnerability in Microsoft products

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

microsoft

exploit available

NVD

Published: 1999-11-11

Updated: 2021-07-22

Summary

A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft IE 4.1 Microsoft IE 4.0.1 Microsoft IE 5.0 Microsoft IE 4.0 Microsoft IE 5 Microsoft Outlook 98 Microsoft Outlook 2000 Microsoft Outlook Express 4.27.3110.1 Microsoft Outlook Express 4.72.2106.4 Microsoft Outlook Express 4.72.3120.0 Microsoft Outlook Express 4.72.3612.1700 Microsoft Outlook Express 5.0 Microsoft Internet Explorer 4.0	20

Exploit-Db

description	MS IE 4.x/5.0,Outlook 2000 0/98 0/Express 4.x ActiveX CAB File Execution. CVE-2000-0329. Remote exploit for windows platform
id	EDB-ID:19603
last seen	2016-02-02
modified	1999-11-08
published	1999-11-08
reporter	Mukund
source	https://www.exploit-db.com/download/19603/
title	Microsoft Internet Explorer 4.x/5.0,Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048