Total
1737 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1367 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 4.6 MEDIUM | N/A |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. | |||||
| CVE-1999-1235 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 4.6 MEDIUM | N/A |
| Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | |||||
| CVE-1999-1110 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 5.0 MEDIUM | N/A |
| Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client. | |||||
| CVE-1999-0802 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 7.6 HIGH | N/A |
| Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon. | |||||
| CVE-1999-0793 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. | |||||
| CVE-1999-1016 | 2 Microsoft, Qualcomm | 4 Frontpage, Internet Explorer, Outlook Express and 1 more | 2021-07-22 | 5.0 MEDIUM | N/A |
| Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. | |||||
| CVE-2000-0439 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability. | |||||
| CVE-1999-0488 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 7.5 HIGH | N/A |
| Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability. | |||||
| CVE-1999-0917 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 5.1 MEDIUM | N/A |
| The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files. | |||||
| CVE-1999-0487 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. | |||||
| CVE-2000-0160 | 1 Microsoft | 3 Ie, Internet Explorer, Outlook | 2021-07-22 | 7.6 HIGH | N/A |
| The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. | |||||
| CVE-2000-0596 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 7.5 HIGH | N/A |
| Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability. | |||||
| CVE-1999-0876 | 1 Microsoft | 2 Ie, Internet Explorer | 2021-07-22 | 10.0 HIGH | N/A |
| Buffer overflow in Internet Explorer 4.0 via EMBED tag. | |||||
| CVE-1999-0870 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste. | |||||
| CVE-1999-1087 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 7.5 HIGH | N/A |
| Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server. | |||||
| CVE-1999-1093 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 5.1 MEDIUM | N/A |
| Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. | |||||
| CVE-1999-1473 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 5.0 MEDIUM | N/A |
| When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue." | |||||
| CVE-1999-1472 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 5.0 MEDIUM | N/A |
| Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. | |||||
| CVE-1999-0871 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability. | |||||
| CVE-1999-1453 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 2.6 LOW | N/A |
| Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. | |||||