CVE-2000-1061

Microsoft Internet Explorer 4.x and 5.x - Remote Code Execution via Microsoft VM ActiveX Component

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-1061. PoCs published by Marcin Jackowski.

AI-analyzed exploit summary This exploit leverages the com.ms.activeX.ActiveXComponent Java object to create and manipulate arbitrary ActiveX objects, bypassing security restrictions in Microsoft Internet Explorer or Outlook. It modifies registry keys to alter DNS settings, demonstrating arbitrary code execution capabilities.

Description

Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Marcin Jackowski · textremotewindows
https://www.exploit-db.com/exploits/20266

This exploit leverages the com.ms.activeX.ActiveXComponent Java object to create and manipulate arbitrary ActiveX objects, bypassing security restrictions in Microsoft Internet Explorer or Outlook. It modifies registry keys to alter DNS settings, demonstrating arbitrary code execution capabilities.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Internet Explorer, Microsoft Outlook (pre-security update)
No auth needed
Prerequisites: Victim must visit a malicious webpage or open a malicious email in a vulnerable version of Internet Explorer or Outlook
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5127

Scores

EPSS 0.1046
EPSS Percentile 95.2%

Details

Status published
Products (2)
microsoft/ie 4.x
microsoft/ie 5.x
Published Dec 11, 2000
Tracked Since Feb 18, 2026