返回 CVE 浏览器

CVE-2000-1034

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1990%

EPSS Percentile35.25th

Published2000年12月11日

Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.

Affected Platforms (CPE)

💻

Microsoft

Windows 2000

All versions

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=97349782305448&w=2

🔗 http://www.securityfocus.com/bid/1899

🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-085

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5467

🔗 http://marc.info/?l=bugtraq&m=97349782305448&w=2

🔗 http://www.securityfocus.com/bid/1899

🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-085

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5467

相关漏洞威胁

CVE-2001-014710.0

Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is ...

CVE-2001-024110.0

Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long pr...

CVE-2000-022210.0

The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote ...

CVE-2002-001810.0

In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not...