CVE-2000-0201

CVSS 2.0 Score 5.1 of 10 (medium)

Details

Published Mar 1, 2000
Updated: Nov 20, 2024

Summary

CVE-2000-0201 is a vulnerability affecting Internet Explorer 5.x where the window.showHelp() method fails to restrict HTML help files (.chm). This issue allows remote attackers to execute arbitrary commands by leveraging Microsoft Networking, potentially leading to serious security consequences. The vulnerability does not limit the execution of help files to local hosts, making it ripe for exploitation over networks. By carefully crafted attacks, an adversary can force the loading of malicious .chm files and execute code, bypassing potential security barriers. This vulnerability poses a significant risk, particularly in corporate networks, requiring prompt patching or mitigation measures.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Internet Explorer

Affected Vendors

  • Microsoft