Description
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Georgi Guninski · textremotemultiple
https://www.exploit-db.com/exploits/19686
References (1)
Core 1
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0028
Scores
EPSS
0.1918
EPSS Percentile
95.4%
Details
Status
published
Products (11)
microsoft/ie
4.0 a_mac_os
microsoft/internet_explorer
3.0
microsoft/internet_explorer
3.0.2
microsoft/internet_explorer
3.1
microsoft/internet_explorer
3.2
microsoft/internet_explorer
4.0
microsoft/internet_explorer
4.0.1 sp2
microsoft/internet_explorer
4.1
microsoft/internet_explorer
4.5
microsoft/internet_explorer
5.0
... and 1 more
Published
Dec 23, 1999
Tracked Since
Feb 18, 2026