CVE-1999-1575 – Microsoft Internet Explorer 4.1/5 - Registration Wizard Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-1575
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands. • https://www.exploit-db.com/exploits/19528 https://www.exploit-db.com/exploits/19515 https://www.exploit-db.com/exploits/19521 http://www.kb.cert.org/vuls/id/23412 http://www.kb.cert.org/vuls/id/24839 http://www.kb.cert.org/vuls/id/26924 http://www.kb.cert.org/vuls/id/41408 http://www.kb.cert.org/vuls/id/9162 http://www.securityfocus.com/archive/1/28719 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037 https: •
CVE-1999-0669 – Microsoft Internet Explorer 4/5 - ActiveX 'Eyedog' Remote Overflow
https://notcve.org/view.php?id=CVE-1999-0669
The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. • https://www.exploit-db.com/exploits/19487 http://ciac.llnl.gov/ciac/bulletins/j-064.shtml •
CVE-1999-0891 – Microsoft Internet Explorer 5 - Download Behaviour
https://notcve.org/view.php?id=CVE-1999-0891
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect. • https://www.exploit-db.com/exploits/19530 http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ242542 http://www.ciac.org/ciac/bulletins/k-002.shtml http://www.kb.cert.org/vuls/id/37828 http://www.osvdb.org/11274 http://www.securityfocus.com/bid/674 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-040 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-1999-0670
https://notcve.org/view.php?id=CVE-1999-0670
Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. • http://ciac.llnl.gov/ciac/bulletins/j-064.shtml https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-032 •
CVE-1999-1016 – Microsoft Internet Explorer 5 - HTML Form Control Denial of Service
https://notcve.org/view.php?id=CVE-1999-1016
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. • https://www.exploit-db.com/exploits/19471 http://marc.info/?l=ntbugtraq&m=93578772920970&w=2 http://www.securityfocus.com/bid/606 •