CVE Catalog

CVE-2000-0518

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Very high risk
4.84%

91th percentile — higher than 91% of all known CVEs

Summary

Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame. This is one of two different 'SSL Certificate Validation' vulnerabilities.

Risk Assessment

Improper verification of SSL certificates may lead to man-in-the-middle attacks, compromising the confidentiality of data transmitted by users.

Recommendation

It is recommended to update Internet Explorer to the latest version or migrate to another, more secure browser.

Original NVD description (English source)

Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS