Page 19 of 114 results (0.009 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 3

Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client. • https://www.exploit-db.com/exploits/19618 http://www.securityfocus.com/archive/1/34675 http://www.securityfocus.com/bid/793 •

CVSS: 5.1EPSS: 1%CPEs: 20EXPL: 1

A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. • https://www.exploit-db.com/exploits/19603 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048 •

CVSS: 2.6EPSS: 0%CPEs: 11EXPL: 0

By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0827 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-002 •

CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 1

Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method. • https://www.exploit-db.com/exploits/19521 http://www.kb.cert.org/vuls/id/29795 http://www.securityfocus.com/archive/1/28719 http://www.securityfocus.com/bid/669 https://exchange.xforce.ibmcloud.com/vulnerabilities/3314 •