CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1CVE-1999-1472
https://notcve.org/view.php?id=CVE-1999-1472
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. • http://marc.info/?l=bugtraq&m=87710897923098&w=2 http://support.microsoft.com/support/kb/articles/q176/6/97.asp http://support.microsoft.com/support/kb/articles/q176/7/94.asp http://www.insecure.org/sploits/Internet_explorer_4.0.hack.html http://www.microsoft.com/Windows/ie/security/freiburg.asp http://www.osvdb.org/7819 https://exchange.xforce.ibmcloud.com/vulnerabilities/587 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-1999-1087
https://notcve.org/view.php?id=CVE-1999-1087
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server. • http://support.microsoft.com/support/kb/articles/q168/6/17.asp http://www.microsoft.com/Windows/Ie/security/dotless.asp http://www.osvdb.org/7828 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-016 https://exchange.xforce.ibmcloud.com/vulnerabilities/2209 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1094
https://notcve.org/view.php?id=CVE-1999-1094
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." • http://marc.info/?l=bugtraq&m=88480839506155&w=2 http://support.microsoft.com/support/kb/articles/q176/6/97.asp https://exchange.xforce.ibmcloud.com/vulnerabilities/917 •
CVSS: 5.1EPSS: 0%CPEs: 3EXPL: 0CVE-1999-1093
https://notcve.org/view.php?id=CVE-1999-1093
Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. • http://support.microsoft.com/support/kb/articles/q191/2/00.asp http://www.iss.net/security_center/static/1276.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-011 •
CVSS: 2.6EPSS: 1%CPEs: 11EXPL: 1CVE-2000-0028 – Microsoft Internet Explorer 4/5/5.5/5.0.1 - external.NavigateAndFind() Cross-Frame
https://notcve.org/view.php?id=CVE-2000-0028
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. • https://www.exploit-db.com/exploits/19686 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0028 •