CVE-1999-1577 – Microsoft Internet Explorer 5.0/4.0.1 - hhopen OLE Control Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-1577
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method. • https://www.exploit-db.com/exploits/19521 http://www.kb.cert.org/vuls/id/29795 http://www.securityfocus.com/archive/1/28719 http://www.securityfocus.com/bid/669 https://exchange.xforce.ibmcloud.com/vulnerabilities/3314 •
CVE-1999-1578 – Microsoft Internet Explorer 4.1/5 - Registration Wizard Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-1578
Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands. • https://www.exploit-db.com/exploits/19528 http://www.kb.cert.org/vuls/id/37556 http://www.securityfocus.com/archive/1/28719 http://www.securityfocus.com/bid/671 https://exchange.xforce.ibmcloud.com/vulnerabilities/3311 •
CVE-1999-0702 – Microsoft Internet Explorer 4.0.1/5 - Import/Export Favorites
https://notcve.org/view.php?id=CVE-1999-0702
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability. • https://www.exploit-db.com/exploits/19490 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ241361 http://www.securityfocus.com/bid/627 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-1999-1575 – Microsoft Internet Explorer 4.1/5 - Registration Wizard Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-1575
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands. • https://www.exploit-db.com/exploits/19528 https://www.exploit-db.com/exploits/19515 https://www.exploit-db.com/exploits/19521 http://www.kb.cert.org/vuls/id/23412 http://www.kb.cert.org/vuls/id/24839 http://www.kb.cert.org/vuls/id/26924 http://www.kb.cert.org/vuls/id/41408 http://www.kb.cert.org/vuls/id/9162 http://www.securityfocus.com/archive/1/28719 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037 https: •
CVE-1999-0669 – Microsoft Internet Explorer 4/5 - ActiveX 'Eyedog' Remote Overflow
https://notcve.org/view.php?id=CVE-1999-0669
The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. • https://www.exploit-db.com/exploits/19487 http://ciac.llnl.gov/ciac/bulletins/j-064.shtml •