CVE-2000-0439

Severity

26%

Complexity

49%

Confidentiality

48%

Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability.

Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability.

CVSS 2.0 Base Score 2.6. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:N/A:N).

Overview

Type

Microsoft Internet Explorer

First reported 24 years ago

2000-05-11 04:00:00

Last updated 6 years ago

2018-10-12 21:29:00

Affected Software

Microsoft Internet Explorer 3.0

3.0

Microsoft Internet Explorer 3.2

3.2

Microsoft Internet Explorer 4.0

4.0

Microsoft Internet Explorer 4.0.1

4.0.1

Microsoft Internet Explorer 4.1

4.1

Microsoft Internet Explorer 5.0

5.0

References

1326

1194

20000510 IE Domain Confusion Vulnerability

20000511 IE Domain Confusion Vulnerability is an Email problem also

MS00-033

ie-cookie-disclosure(4447)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.