Filtered by vendor Microsoft Subscriptions
Filtered by product Internet Explorer Subscriptions
Total 1742 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-1472 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.
CVE-1999-1453 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.
CVE-1999-1447 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag.
CVE-1999-1446 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays.
CVE-1999-1370 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs.
CVE-1999-1367 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users.
CVE-1999-1241 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object.
CVE-1999-1235 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link.
CVE-1999-1128 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 3.01 on Windows 95 allows remote malicious web sites to execute arbitrary commands via a .isp file, which is automatically downloaded and executed without prompting the user.
CVE-1999-1110 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
CVE-1999-1094 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
CVE-1999-1093 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page.
CVE-1999-1087 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server.
CVE-1999-1016 2 Microsoft, Qualcomm 4 Frontpage, Internet Explorer, Outlook Express and 1 more 2024-11-21 N/A
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
CVE-1999-0981 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
CVE-1999-0967 1 Microsoft 3 Internet Explorer, Outlook Express, Windows Explorer 2024-11-21 N/A
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
CVE-1999-0917 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files.
CVE-1999-0891 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect.
CVE-1999-0877 1 Microsoft 1 Internet Explorer 2024-11-21 N/A
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME.
CVE-1999-0876 1 Microsoft 2 Ie, Internet Explorer 2024-11-21 N/A
Buffer overflow in Internet Explorer 4.0 via EMBED tag.