CVE-2000-0201
CVSS 2.0 Score 5.1 of 10 (medium)
Details
Summary
CVE-2000-0201 is a vulnerability affecting Internet Explorer 5.x where the window.showHelp() method fails to restrict HTML help files (.chm). This issue allows remote attackers to execute arbitrary commands by leveraging Microsoft Networking, potentially leading to serious security consequences. The vulnerability does not limit the execution of help files to local hosts, making it ripe for exploitation over networks. By carefully crafted attacks, an adversary can force the loading of malicious .chm files and execute code, bypassing potential security barriers. This vulnerability poses a significant risk, particularly in corporate networks, requiring prompt patching or mitigation measures.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Internet Explorer
Affected Vendors
- Microsoft