CVE-1999-0668 – Microsoft Internet Explorer 5 - ActiveX Object For Constructing Type Libraries For Scriptlets File Write
https://notcve.org/view.php?id=CVE-1999-0668
The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. • https://www.exploit-db.com/exploits/19468 http://ciac.llnl.gov/ciac/bulletins/j-064.shtml http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ240308 http://www.securityfocus.com/bid/598 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-032 •
CVE-1999-0917
https://notcve.org/view.php?id=CVE-1999-0917
The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ231452 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-018 •
CVE-1999-0487 – Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing / Cross Frame Access
https://notcve.org/view.php?id=CVE-1999-0487
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. • https://www.exploit-db.com/exploits/19094 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-011 •
CVE-1999-0490
https://notcve.org/view.php?id=CVE-1999-0490
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012 •
CVE-1999-0488
https://notcve.org/view.php?id=CVE-1999-0488
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012 •