CVE-2000-0201

The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking.

Published: Mar 1, 2000
Updated: Apr 13, 2023
CVE: CVE-2000-0201
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / internet_explorer	5.01	5.01.x
microsoft / internet_explorer	5.0	5.0.x

http://www.securityfocus.com/bid/1033

Vulnerability Database

289,599

CVE-2000-0201