Vulnerabilities > CVE-2000-1061 - Unspecified vulnerability in Microsoft IE 4.X/5.X

047910
CVSS 5.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
microsoft
exploit available
NVD
Published: 2000-12-11
Updated: 2018-10-12

Summary

Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability.

Vulnerable Configurations

Part Description Count
Application
Microsoft
2

Exploit-Db

descriptionMicrosoft Virtual Machine 2000/3100/3200/3300 Series com.ms.activeX.ActiveXComponent Arbitrary Program Execution. CVE-2000-1061 . Remote exploit for windows ...
idEDB-ID:20266
last seen2016-02-02
modified2000-10-05
published2000-10-05
reporterMarcin Jackowski
sourcehttps://www.exploit-db.com/download/20266/
titleMicrosoft Virtual Machine 2000/3100/3200/3300 Series - com.ms.activeX.ActiveXComponent Arbitrary Program Execution

References