- EPSS 7.7%
- Veröffentlicht 27.08.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:49:31
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via la...
CVE-1999-1235
- EPSS 2.74%
- Veröffentlicht 25.08.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:50:00
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") anoth...
CVE-1999-0668
- EPSS 22.55%
- Veröffentlicht 21.08.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:48:48
The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
CVE-1999-0802
- EPSS 10.15%
- Veröffentlicht 27.05.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:49:05
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
CVE-1999-0917
- EPSS 6.2%
- Veröffentlicht 27.05.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:49:19
The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files.
- EPSS 14.42%
- Veröffentlicht 06.05.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:50:01
Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object.
CVE-1999-1367
- EPSS 1.18%
- Veröffentlicht 06.05.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:50:17
Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users.
CVE-1999-0487
- EPSS 13.29%
- Veröffentlicht 01.05.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:48:30
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
CVE-1999-0488
- EPSS 11.57%
- Veröffentlicht 21.04.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:48:30
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability.
CVE-1999-0490
- EPSS 9.93%
- Veröffentlicht 21.04.1999 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:48:30
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.