CVE-2000-1105 - OpenCVE

The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Indexing Service

Configuration 1 [-]

cpe:2.3:a:microsoft:indexing_service:*:*:windows_2000:*:*:*:*:*

References

Link	Resource
http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0074.html	Exploit Patch Vendor Advisory
http://www.securityfocus.com/archive/1/144270
http://www.securityfocus.com/bid/1933	Exploit Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2000-12-19T05:00:00

Updated: 2005-11-02T10:00:00

Reserved: 2000-12-14T00:00:00

Link: CVE-2000-1105

JSON object: View

NVD Information

Status : Analyzed

Published: 2001-01-09T05:00:00.000

Modified: 2008-09-05T20:22:39.933

Link: CVE-2000-1105

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-11-10T00:00:00", "descriptions": [{"lang": "en", "value": "The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1933", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1933"}, {"name": "20001110 IE 5.x Win2000 Indexing service vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/144270"}, {"name": "20001110 IE 5.x Win2000 Indexing service vulnerability", "tags": ["mailing-list", "x_refsource_WIN2KSEC"], "url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0074.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1105", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1933", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1933"}, {"name": "20001110 IE 5.x Win2000 Indexing service vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/144270"}, {"name": "20001110 IE 5.x Win2000 Indexing service vulnerability", "refsource": "WIN2KSEC", "url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0074.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1105", "datePublished": "2000-12-19T05:00:00", "dateReserved": "2000-12-14T00:00:00", "dateUpdated": "2005-11-02T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}