CVE-2000-0329

Microsoft ActiveX - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0329. PoCs published by Mukund.

AI-analyzed exploit summary This document describes the CVE-2000-0329 vulnerability in Microsoft's Active Setup Control, which allows execution of unsigned CAB files. It explains how an attacker can exploit this via Outlook Express by disguising a CAB file as an image attachment and using VBScript to trigger the installation of malicious executables.

Description

A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Mukund · textremotewindows
https://www.exploit-db.com/exploits/19603

This document describes the CVE-2000-0329 vulnerability in Microsoft's Active Setup Control, which allows execution of unsigned CAB files. It explains how an attacker can exploit this via Outlook Express by disguising a CAB file as an image attachment and using VBScript to trigger the installation of malicious executables.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Internet Explorer 4.0-5.0, Outlook Express 4.27.3110-4.72.3612
No auth needed
Prerequisites: Victim uses Outlook Express or vulnerable IE version · Attacker can send email with disguised CAB file
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

EPSS 0.0769
EPSS Percentile 93.9%

Details

Status published
Products (13)
microsoft/ie 4.0 (2 CPE variants)
microsoft/ie 4.0.1 (3 CPE variants)
microsoft/ie 4.1 (3 CPE variants)
microsoft/ie 5
microsoft/ie 5.0 (3 CPE variants)
microsoft/internet_explorer 4.0
microsoft/outlook 98
microsoft/outlook 2000
microsoft/outlook_express 4.27.3110.1
microsoft/outlook_express 4.72.2106.4
... and 3 more
Published Nov 11, 1999
Tracked Since Feb 18, 2026