CVE-2000-0329

Microsoft ActiveX - RCE

Title source: llm

Description

A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Mukund · textremotewindows

https://www.exploit-db.com/exploits/19603

View Code ZIP pw:eip

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048

Scores

EPSS 0.0732

EPSS Percentile 91.7%

Details

Status published

Products (13)

microsoft/ie 4.0 (2 CPE variants)

microsoft/ie 4.0.1 (3 CPE variants)

microsoft/ie 4.1 (3 CPE variants)

microsoft/ie 5

microsoft/ie 5.0 (3 CPE variants)

microsoft/internet_explorer 4.0

microsoft/outlook 98

microsoft/outlook 2000

microsoft/outlook_express 4.27.3110.1

microsoft/outlook_express 4.72.2106.4

... and 3 more

Published Nov 11, 1999

Tracked Since Feb 18, 2026