CVSS: 10.0EPSS: 24%CPEs: 5EXPL: 0CVE-1999-0876
https://notcve.org/view.php?id=CVE-1999-0876
04 Jan 2000 — Buffer overflow in Internet Explorer 4.0 via EMBED tag. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ185959 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 10%CPEs: 3EXPL: 0CVE-1999-1087
https://notcve.org/view.php?id=CVE-1999-1087
31 Dec 1999 — Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server. • http://support.microsoft.com/support/kb/articles/q168/6/17.asp •
CVSS: 8.8EPSS: 6%CPEs: 3EXPL: 0CVE-1999-1093
https://notcve.org/view.php?id=CVE-1999-1093
31 Dec 1999 — Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. • http://support.microsoft.com/support/kb/articles/q191/2/00.asp •
CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 0CVE-1999-1094
https://notcve.org/view.php?id=CVE-1999-1094
31 Dec 1999 — Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." • http://marc.info/?l=bugtraq&m=88480839506155&w=2 •
CVSS: 7.5EPSS: 17%CPEs: 1EXPL: 1CVE-1999-1472
https://notcve.org/view.php?id=CVE-1999-1472
31 Dec 1999 — Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. • http://marc.info/?l=bugtraq&m=87710897923098&w=2 •
CVSS: 6.1EPSS: 16%CPEs: 2EXPL: 0CVE-1999-1473
https://notcve.org/view.php?id=CVE-1999-1473
31 Dec 1999 — When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue." • http://support.microsoft.com/support/kb/articles/q176/6/97.asp •
CVSS: 7.5EPSS: 21%CPEs: 11EXPL: 1CVE-2000-0028 – Microsoft Internet Explorer 4/5/5.5/5.0.1 - external.NavigateAndFind() Cross-Frame
https://notcve.org/view.php?id=CVE-2000-0028
23 Dec 1999 — Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. • https://www.exploit-db.com/exploits/19686 •
CVSS: 6.1EPSS: 3%CPEs: 3EXPL: 1CVE-1999-0981 – Microsoft Internet Explorer 4/5 / Outlook 98 - 'window.open' Redirect
https://notcve.org/view.php?id=CVE-1999-0981
08 Dec 1999 — Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." • https://www.exploit-db.com/exploits/19591 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 8%CPEs: 20EXPL: 1CVE-2000-0329 – Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX '.CAB' File Execution
https://notcve.org/view.php?id=CVE-2000-0329
11 Nov 1999 — A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. • https://www.exploit-db.com/exploits/19603 •
CVSS: 8.8EPSS: 3%CPEs: 3EXPL: 0CVE-1999-0354
https://notcve.org/view.php?id=CVE-1999-0354
01 Nov 1999 — Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-002 •