CVE-2000-0160

CVSS 2.0 Score 7.6 of 10 (high)

Details

Published Feb 21, 2000
Updated: Nov 7, 2023

Summary

CVE-2000-0160 is a vulnerability affecting the Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x. malicious actors can exploit this weakness to install software components on a victim's system without user consent, falsely claiming that Microsoft is the software manufacturer. This poses a significant risk, as unsuspecting users may inadvertently allow the installation of potentially harmful software. The vulnerability existed due to insufficient security checks during the installation process. This issue was addressed in later versions of Internet Explorer.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Office Outlook
  • Microsoft Internet Explorer

Affected Vendors

  • Microsoft