CVSS: 5.1EPSS: 0%CPEs: 3EXPL: 1CVE-1999-0981 – Microsoft Internet Explorer 4/5 / Outlook 98 - 'window.open' Redirect
https://notcve.org/view.php?id=CVE-1999-0981
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." • https://www.exploit-db.com/exploits/19591 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ246094 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-050 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 2.6EPSS: 1%CPEs: 2EXPL: 1CVE-1999-0793 – Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL Redirection (MS99-043)
https://notcve.org/view.php?id=CVE-1999-0793
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. • https://www.exploit-db.com/exploits/19559 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-043 •
CVSS: 2.6EPSS: 0%CPEs: 11EXPL: 0CVE-1999-0827
https://notcve.org/view.php?id=CVE-1999-0827
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0827 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-1999-0354
https://notcve.org/view.php?id=CVE-1999-0354
Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-002 •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 1CVE-1999-1577 – Microsoft Internet Explorer 5.0/4.0.1 - hhopen OLE Control Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-1577
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method. • https://www.exploit-db.com/exploits/19521 http://www.kb.cert.org/vuls/id/29795 http://www.securityfocus.com/archive/1/28719 http://www.securityfocus.com/bid/669 https://exchange.xforce.ibmcloud.com/vulnerabilities/3314 •