CVE-2000-1061
Microsoft Internet Explorer 4.x and 5.x - Remote Code Execution via Microsoft VM ActiveX Component
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-1061. PoCs published by Marcin Jackowski.
AI-analyzed exploit summary This exploit leverages the com.ms.activeX.ActiveXComponent Java object to create and manipulate arbitrary ActiveX objects, bypassing security restrictions in Microsoft Internet Explorer or Outlook. It modifies registry keys to alter DNS settings, demonstrating arbitrary code execution capabilities.
Description
Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability.
Exploits (1)
This exploit leverages the com.ms.activeX.ActiveXComponent Java object to create and manipulate arbitrary ActiveX objects, bypassing security restrictions in Microsoft Internet Explorer or Outlook. It modifies registry keys to alter DNS settings, demonstrating arbitrary code execution capabilities.