Unrated severityNVD Advisory· Published Jun 27, 2000· Updated Apr 16, 2026

CVE-2000-0596

Description

Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability.

Affected products

Microsoft/Internet Explorer2 versions
cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cert.org/advisories/CA-2000-16.htmlnvdUS Government Resource
www.securityfocus.com/bid/1398nvd
www.securityfocus.com/templates/archive.pikenvd
www.securityfocus.com/templates/archive.pikenvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.010
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000