CVE-2000-0439
LowExploitation Probability (EPSS)
Very high risk93th percentile — higher than 93% of all known CVEs
Summary
Internet Explorer 4.0 and 5.0 allow a malicious website to obtain client cookies from another domain by including that domain name and escaped characters in a URL, known as the 'Unauthorized Cookie Access' vulnerability.
Risk Assessment
Organizations may be exposed to user data theft, leading to privacy and security breaches. Malicious sites can exploit this vulnerability to hijack user sessions.
Recommendation
It is recommended to update Internet Explorer to the latest version or consider using an alternative browser to minimize risk. Additionally, implementing cookie security policies is advisable.
Original NVD description (English source)
Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability.

