CVE-2000-0768Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
2.6LOWNVD
EPSS
16.3%
top 5.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedOct 20
Latest updateApr 30

Description

A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

NVDmicrosoft/internet_explorer4.0, 5.01, 5.5+2
NVDmicrosoft/ie4.0, 5.0+1

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-mcmc-pq28-m22x: A function in Internet Explorer 42022-04-30
CVEList
CVE-2000-0768: A function in Internet Explorer 42000-10-13
CVE-2000-0768 — Microsoft vulnerability | cvebase