Unrated severityNVD Advisory· Published Feb 18, 2000· Updated Apr 16, 2026

CVE-2000-0162

Description

The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.

Affected products

Microsoft/Ie7 versions
cpe:2.3:a:microsoft:ie:4.0:*:windows_98:*:*:*:*:*+ 6 more
- cpe:2.3:a:microsoft:ie:4.0:*:windows_98:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:4.0:*:windows_nt:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:4.1:*:windows_95:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:4.1:*:windows_nt_4.0:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:5.0:*:windows_95:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:5.0:*:windows_98:*:*:*:*:*
- cpe:2.3:a:microsoft:ie:5:*:windows_nt_4.0:*:*:*:*:*
Microsoft/Internet Explorer
cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
Microsoft/Visual Studio
cpe:2.3:a:microsoft:visual_studio:6.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-011nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000