CVE-1999-0487 – Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing / Cross Frame Access
https://notcve.org/view.php?id=CVE-1999-0487
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. • https://www.exploit-db.com/exploits/19094 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-011 •
CVE-1999-0490
https://notcve.org/view.php?id=CVE-1999-0490
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012 •
CVE-1999-0488
https://notcve.org/view.php?id=CVE-1999-0488
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012 •