CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-1999-1087
https://notcve.org/view.php?id=CVE-1999-1087
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server. • http://support.microsoft.com/support/kb/articles/q168/6/17.asp http://www.microsoft.com/Windows/Ie/security/dotless.asp http://www.osvdb.org/7828 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-016 https://exchange.xforce.ibmcloud.com/vulnerabilities/2209 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1094
https://notcve.org/view.php?id=CVE-1999-1094
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." • http://marc.info/?l=bugtraq&m=88480839506155&w=2 http://support.microsoft.com/support/kb/articles/q176/6/97.asp https://exchange.xforce.ibmcloud.com/vulnerabilities/917 •
CVSS: 5.1EPSS: 0%CPEs: 3EXPL: 0CVE-1999-1093
https://notcve.org/view.php?id=CVE-1999-1093
Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. • http://support.microsoft.com/support/kb/articles/q191/2/00.asp http://www.iss.net/security_center/static/1276.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-011 •
CVSS: 2.6EPSS: 1%CPEs: 11EXPL: 1CVE-2000-0028 – Microsoft Internet Explorer 4/5/5.5/5.0.1 - external.NavigateAndFind() Cross-Frame
https://notcve.org/view.php?id=CVE-2000-0028
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. • https://www.exploit-db.com/exploits/19686 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0028 •
CVSS: 5.1EPSS: 0%CPEs: 3EXPL: 1CVE-1999-0981 – Microsoft Internet Explorer 4/5 / Outlook 98 - 'window.open' Redirect
https://notcve.org/view.php?id=CVE-1999-0981
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." • https://www.exploit-db.com/exploits/19591 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ246094 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-050 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •