Unrated severityNVD Advisory· Published Feb 16, 2000· Updated Apr 16, 2026

CVE-2000-0156

Description

Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability.

Affected products

Microsoft/Internet Explorer4 versions
cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.osvdb.org/7827nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-009nvd
exchange.xforce.ibmcloud.com/vulnerabilities/3996nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.014
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000