CVE-2021-26419 (GCVE-0-2021-26419)
Vulnerability from – Published: 2021-05-11 19:11 – Updated: 2024-08-03 20:26
VLAI?
Title
Scripting Engine Memory Corruption Vulnerability
Summary
Scripting Engine Memory Corruption Vulnerability
Severity ?
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Internet Explorer 11 |
Affected:
1.0.0 , < 10.0.14393.4401
(custom)
Affected: 1.0.0 , < 10.0.17134.2207 (custom) Affected: 1.0.0 , < 10.0.17763.1935 (custom) Affected: 1.0.0 , < 10.0.18363.1556 (custom) Affected: 1.0.0 , < 10.0.19041.982 (custom) Affected: 1.0.0 , < 10.0.10240.18931 (custom) Affected: 1.0.0 , < 6.1.7601.24597 (custom) Affected: 1.0.0 , < 6.1 (custom) Affected: 1.0.0 , < 6.3.9600.20017 (custom) Affected: 1.0.0 , < 6.3.9600.20016 (custom) Affected: 1.0.0 , < 6.2.9200.23347 (custom) Affected: 1.0.0 , < 6.2 (custom) cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:* |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26419"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162570/Internet-Explorer-jscript9.dll-Memory-Corruption.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2016",
"Windows 10 Version 1803 for 32-bit Systems",
"Windows 10 Version 1803 for x64-based Systems",
"Windows 10 Version 1803 for ARM64-based Systems",
"Windows 10 Version 1809 for 32-bit Systems",
"Windows 10 Version 1809 for x64-based Systems",
"Windows 10 Version 1809 for ARM64-based Systems",
"Windows Server 2019",
"Windows 10 Version 1909 for 32-bit Systems",
"Windows 10 Version 1909 for x64-based Systems",
"Windows 10 Version 1909 for ARM64-based Systems",
"Windows 10 Version 2004 for 32-bit Systems",
"Windows 10 Version 2004 for ARM64-based Systems",
"Windows 10 Version 2004 for x64-based Systems",
"Windows 10 Version 20H2 for 32-bit Systems",
"Windows 10 Version 20H2 for ARM64-based Systems",
"Windows 10 for 32-bit Systems",
"Windows 10 for x64-based Systems",
"Windows 10 Version 1607 for 32-bit Systems",
"Windows 10 Version 1607 for x64-based Systems",
"Windows 7 for 32-bit Systems Service Pack 1",
"Windows 7 for x64-based Systems Service Pack 1",
"Windows 8.1 for 32-bit systems",
"Windows 8.1 for x64-based systems",
"Windows RT 8.1",
"Windows Server 2008 R2 for x64-based Systems Service Pack 1",
"Windows Server 2012",
"Windows Server 2012 R2"
],
"product": "Internet Explorer 11",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.14393.4401",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "10.0.17134.2207",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "10.0.17763.1935",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "10.0.18363.1556",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "10.0.19041.982",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "10.0.10240.18931",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1.7601.24597",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "6.1",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "6.3.9600.20017",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "6.3.9600.20016",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "6.2.9200.23347",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "6.2",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*"
],
"platforms": [
"Windows Server 2008 for 32-bit Systems Service Pack 2",
"Windows Server 2008 for x64-based Systems Service Pack 2"
],
"product": "Internet Explorer 9",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "6.0.6003.21117",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
},
{
"lessThan": "6.0",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-05-11T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Scripting Engine Memory Corruption Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T23:56:48.252Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26419"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162570/Internet-Explorer-jscript9.dll-Memory-Corruption.html"
}
],
"title": "Scripting Engine Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-26419",
"datePublished": "2021-05-11T19:11:11",
"dateReserved": "2021-01-29T00:00:00",
"dateUpdated": "2024-08-03T20:26:25.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1578 (GCVE-0-1999-1578)
Vulnerability from – Published: 2005-04-21 04:00 – Updated: 2024-08-01 17:18
VLAI?
Summary
Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#37556",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/37556"
},
{
"name": "671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/671"
},
{
"name": "19990924 Several ActiveX Buffer Overruns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/28719"
},
{
"name": "ie-registration-wiz-bo(3311)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3311"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#37556",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/37556"
},
{
"name": "671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/671"
},
{
"name": "19990924 Several ActiveX Buffer Overruns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/28719"
},
{
"name": "ie-registration-wiz-bo(3311)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3311"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#37556",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/37556"
},
{
"name": "671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/671"
},
{
"name": "19990924 Several ActiveX Buffer Overruns",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/28719"
},
{
"name": "ie-registration-wiz-bo(3311)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3311"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1578",
"datePublished": "2005-04-21T04:00:00",
"dateReserved": "2005-04-21T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1577 (GCVE-0-1999-1577)
Vulnerability from – Published: 2005-04-21 04:00 – Updated: 2024-08-01 17:18
VLAI?
Summary
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ie-hhopen-bo(3314)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3314"
},
{
"name": "VU#29795",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/29795"
},
{
"name": "669",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/669"
},
{
"name": "19990924 Several ActiveX Buffer Overruns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/28719"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ie-hhopen-bo(3314)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3314"
},
{
"name": "VU#29795",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/29795"
},
{
"name": "669",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/669"
},
{
"name": "19990924 Several ActiveX Buffer Overruns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/28719"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ie-hhopen-bo(3314)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3314"
},
{
"name": "VU#29795",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/29795"
},
{
"name": "669",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/669"
},
{
"name": "19990924 Several ActiveX Buffer Overruns",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/28719"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1577",
"datePublished": "2005-04-21T04:00:00",
"dateReserved": "2005-04-21T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1575 (GCVE-0-1999-1575)
Vulnerability from – Published: 2005-04-21 04:00 – Updated: 2024-08-01 17:18
VLAI?
Summary
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#41408",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/41408"
},
{
"name": "VU#24839",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/24839"
},
{
"name": "MS99-037",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037"
},
{
"name": "VU#26924",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/26924"
},
{
"name": "VU#9162",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/9162"
},
{
"name": "wang-kodak-activex-control(7097)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7097"
},
{
"name": "19990924 Several ActiveX Buffer Overruns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/28719"
},
{
"name": "VU#23412",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/23412"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as \"Safe for Scripting,\" which allows remote attackers to create and modify files and execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#41408",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/41408"
},
{
"name": "VU#24839",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/24839"
},
{
"name": "MS99-037",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037"
},
{
"name": "VU#26924",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/26924"
},
{
"name": "VU#9162",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/9162"
},
{
"name": "wang-kodak-activex-control(7097)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7097"
},
{
"name": "19990924 Several ActiveX Buffer Overruns",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/28719"
},
{
"name": "VU#23412",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/23412"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as \"Safe for Scripting,\" which allows remote attackers to create and modify files and execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#41408",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/41408"
},
{
"name": "VU#24839",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/24839"
},
{
"name": "MS99-037",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037"
},
{
"name": "VU#26924",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/26924"
},
{
"name": "VU#9162",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/9162"
},
{
"name": "wang-kodak-activex-control(7097)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7097"
},
{
"name": "19990924 Several ActiveX Buffer Overruns",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/28719"
},
{
"name": "VU#23412",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/23412"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1575",
"datePublished": "2005-04-21T04:00:00",
"dateReserved": "2005-04-21T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1473 (GCVE-0-1999-1473)
Vulnerability from – Published: 2002-03-09 05:00 – Updated: 2024-08-01 17:18
VLAI?
Summary
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7818",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7818"
},
{
"name": "ie-page-redirect(7426)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7426.php"
},
{
"name": "Q176697",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://support.microsoft.com/support/kb/articles/q176/6/97.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the \"Page Redirect Issue.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7818",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7818"
},
{
"name": "ie-page-redirect(7426)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7426.php"
},
{
"name": "Q176697",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://support.microsoft.com/support/kb/articles/q176/6/97.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the \"Page Redirect Issue.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7818",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7818"
},
{
"name": "ie-page-redirect(7426)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7426.php"
},
{
"name": "Q176697",
"refsource": "MSKB",
"url": "http://support.microsoft.com/support/kb/articles/q176/6/97.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1473",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1472 (GCVE-0-1999-1472)
Vulnerability from – Published: 2002-03-09 05:00 – Updated: 2024-08-01 17:18
VLAI?
Summary
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.microsoft.com/Windows/ie/security/freiburg.asp"
},
{
"name": "7819",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7819"
},
{
"name": "Q176794",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://support.microsoft.com/support/kb/articles/q176/7/94.asp"
},
{
"name": "Q176697",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://support.microsoft.com/support/kb/articles/q176/6/97.asp"
},
{
"name": "19971017 Security Hole in Explorer 4.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87710897923098\u0026w=2"
},
{
"name": "http-ie-spy(587)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/587"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.insecure.org/sploits/Internet_explorer_4.0.hack.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user\u0027s machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.microsoft.com/Windows/ie/security/freiburg.asp"
},
{
"name": "7819",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7819"
},
{
"name": "Q176794",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://support.microsoft.com/support/kb/articles/q176/7/94.asp"
},
{
"name": "Q176697",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://support.microsoft.com/support/kb/articles/q176/6/97.asp"
},
{
"name": "19971017 Security Hole in Explorer 4.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87710897923098\u0026w=2"
},
{
"name": "http-ie-spy(587)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/587"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.insecure.org/sploits/Internet_explorer_4.0.hack.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1472",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user\u0027s machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.microsoft.com/Windows/ie/security/freiburg.asp",
"refsource": "CONFIRM",
"url": "http://www.microsoft.com/Windows/ie/security/freiburg.asp"
},
{
"name": "7819",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7819"
},
{
"name": "Q176794",
"refsource": "MSKB",
"url": "http://support.microsoft.com/support/kb/articles/q176/7/94.asp"
},
{
"name": "Q176697",
"refsource": "MSKB",
"url": "http://support.microsoft.com/support/kb/articles/q176/6/97.asp"
},
{
"name": "19971017 Security Hole in Explorer 4.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=87710897923098\u0026w=2"
},
{
"name": "http-ie-spy(587)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/587"
},
{
"name": "http://www.insecure.org/sploits/Internet_explorer_4.0.hack.html",
"refsource": "MISC",
"url": "http://www.insecure.org/sploits/Internet_explorer_4.0.hack.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1472",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1453 (GCVE-0-1999-1453)
Vulnerability from – Published: 2001-09-12 04:00 – Updated: 2024-08-01 17:11
VLAI?
Summary
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990222 New IE4 vulnerability : the clipboard again.",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=91979439932341\u0026w=2"
},
{
"name": "215",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/215"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-02-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990222 New IE4 vulnerability : the clipboard again.",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=91979439932341\u0026w=2"
},
{
"name": "215",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/215"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990222 New IE4 vulnerability : the clipboard again.",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=91979439932341\u0026w=2"
},
{
"name": "215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/215"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1453",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1447 (GCVE-0-1999-1447)
Vulnerability from – Published: 2001-09-12 04:00 – Updated: 2024-08-01 17:11
VLAI?
Summary
Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19980730 Re: Object tag crashes Internet Explorer 4.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104526188\u0026w=2"
},
{
"name": "19980728 Object tag crashes Internet Explorer 4.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104526169\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-07-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19980730 Re: Object tag crashes Internet Explorer 4.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104526188\u0026w=2"
},
{
"name": "19980728 Object tag crashes Internet Explorer 4.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104526169\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1447",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980730 Re: Object tag crashes Internet Explorer 4.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104526188\u0026w=2"
},
{
"name": "19980728 Object tag crashes Internet Explorer 4.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104526169\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1447",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1446 (GCVE-0-1999-1446)
Vulnerability from – Published: 2001-09-12 04:00 – Updated: 2024-08-01 17:11
VLAI?
Summary
Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19970805 Re: Strange behavior regarding directory",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=87602837719654\u0026w=2"
},
{
"name": "19970806 Re: Strange behavior regarding directory",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=87602837719655\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Internet Explorer 3 records a history of all URL\u0027s that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the \"Clear History\" option, and are not visible when the user browses the folders because of tailored displays."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19970805 Re: Strange behavior regarding directory",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=87602837719654\u0026w=2"
},
{
"name": "19970806 Re: Strange behavior regarding directory",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=87602837719655\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Internet Explorer 3 records a history of all URL\u0027s that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the \"Clear History\" option, and are not visible when the user browses the folders because of tailored displays."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19970805 Re: Strange behavior regarding directory",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=87602837719654\u0026w=2"
},
{
"name": "19970806 Re: Strange behavior regarding directory",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=87602837719655\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1446",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1370 (GCVE-0-1999-1370)
Vulnerability from – Published: 2001-09-12 04:00 – Updated: 2024-08-01 17:11
VLAI?
Summary
The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990323 MSIE 5 installer disables screen saver",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=92220197414799\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-03-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990323 MSIE 5 installer disables screen saver",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=92220197414799\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990323 MSIE 5 installer disables screen saver",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=92220197414799\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1370",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
displaying 1591 - 1600 organizations in total 1635