CVE-2000-0329

Published: Nov 11, 1999Modified: Apr 16, 2026

5.1

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability: 4.9 / Impact: 6.4

Source: NVD

Description

A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.

Affected (20)

Products: Microsoft: Ie, Internet Explorer, Outlook, Outlook Express

4 products

Configuration A

20 vulnerable

Vulnerable Software	Affected Versions
Microsoft Ie	Version 4.0.1
Microsoft Ie	Version 4.0.1
Microsoft Ie	Version 4.0.1
Microsoft Ie	Version 4.0
Microsoft Ie	Version 4.0
Microsoft Ie	Version 4.1
Microsoft Ie	Version 4.1
Microsoft Ie	Version 4.1
Microsoft Ie	Version 5.0
Microsoft Ie	Version 5.0
Microsoft Ie	Version 5.0
Microsoft Ie	Version 5
Microsoft Internet Explorer	Version 4.0
Microsoft Outlook	Version 2000
Microsoft Outlook	Version 98
Microsoft Outlook Express	Version 4.27.3110.1
Microsoft Outlook Express	Version 4.72.2106.4
Microsoft Outlook Express	Version 4.72.3120.0
Microsoft Outlook Express	Version 4.72.3612.1700
Microsoft Outlook Express	Version 5.0

References (2)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.