Search...

CVE-1999-0468

1999-04-09T00:00:00

ID CVE-1999-0468
Type cve
Reporter NVD
Modified 2018-10-12T17:29:05

Description

Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.

JSON Vulners Source

Initial Source

{"id": "CVE-1999-0468", "bulletinFamily": "NVD", "title": "CVE-1999-0468", "description": "Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.", "published": "1999-04-09T00:00:00", "modified": "2018-10-12T17:29:05", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0468", "reporter": "NVD", "references": ["https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012"], "cvelist": ["CVE-1999-0468"], "type": "cve", "lastseen": "2018-10-13T12:03:32", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:microsoft:ie:5.0"], "cvelist": ["CVE-1999-0468"], "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.", "edition": 1, "enchantments": {"score": {"modified": "2016-09-03T02:14:27", "value": 5.0, "vector": "NONE"}}, "hash": "6c8cad67b5a32bbca5c64b3ecc68c69e04b632775494421e421204b93d09b0f0", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "1be25557110594dfdd4c7b55f33b9a31", "key": "description"}, {"hash": "6cef4c2b4938ed9e4e4b99bc94233850", "key": "cvss"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "77aa9d2447f62c609bde2cae0dc2b406", "key": "cvelist"}, {"hash": "a5a8a5cda5386960778f3c55e927d4f9", "key": "references"}, {"hash": "14f34b0386b4a7f664e26e18d27fca58", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "05d9b809508e16c7af6144aab21719d8", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "adc587c89915c05b6d9cb2164a56351b", "key": "href"}, {"hash": "ab74b8ebab2944527db0b9c6d2838b9d", "key": "cpe"}, {"hash": "278006ca583987ea4a4d9dd3e70f1687", "key": "modified"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0468", "id": "CVE-1999-0468", "lastseen": "2016-09-03T02:14:27", "modified": "2008-09-09T08:34:37", "objectVersion": "1.2", "published": "1999-04-09T00:00:00", "references": ["http://www.microsoft.com/technet/security/bulletin/ms99-012.asp"], "reporter": "NVD", "scanner": [], "title": "CVE-1999-0468", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T02:14:27"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "ab74b8ebab2944527db0b9c6d2838b9d"}, {"key": "cvelist", "hash": "77aa9d2447f62c609bde2cae0dc2b406"}, {"key": "cvss", "hash": "6cef4c2b4938ed9e4e4b99bc94233850"}, {"key": "description", "hash": "1be25557110594dfdd4c7b55f33b9a31"}, {"key": "href", "hash": "adc587c89915c05b6d9cb2164a56351b"}, {"key": "modified", "hash": "7b0786b61bb8c4c36ce657fbd4afffe1"}, {"key": "published", "hash": "05d9b809508e16c7af6144aab21719d8"}, {"key": "references", "hash": "304f373cb71706ca089fcfc5c789f3b7"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "14f34b0386b4a7f664e26e18d27fca58"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "64ba84c63e3d928c96c14e6ff9dc927ad510952f59b1389fd57041d0a925e69c", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2018-10-13T12:03:32"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:microsoft:ie:5.0"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"osvdb": [{"lastseen": "2017-04-28T13:20:02", "references": [], "edition": 1, "description": "# No description provided by the source\n\n## References:\nMicrosoft Security Bulletin: MS99-012\nMicrosoft Knowledge Base Article: 226325\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999_2/0072.html\nISS X-Force ID: 2070\n[CVE-1999-0468](https://vulners.com/cve/CVE-1999-0468)\nBugtraq ID: 117\n", "reporter": "OSVDB", "published": "1999-04-09T00:00:00", "title": "Microsoft IE Scriptlet Component Arbitrary File Access", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "affectedSoftware": [], "bulletinFamily": "software", "cvelist": ["CVE-1999-0468"], "modified": "1999-04-09T00:00:00", "id": "OSVDB:7841", "href": "https://vulners.com/osvdb/OSVDB:7841", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:00", "references": [], "edition": 1, "description": "## Vulnerability Description\nMicrosoft Internet Explorer contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious HTML file contains an IMG SRC tag that doesn't point to an image file. The document object model of Internet Explorer can then be exploited to reveil information not otherwise available leading to a loss of confidentiality.\n## Solution Description\nUpgrade to version 6.0 or higher, as it has been reported to fix this vulnerability. Microsoft has also released a patch to address this issue.\n## Short Description\nMicrosoft Internet Explorer contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious HTML file contains an IMG SRC tag that doesn't point to an image file. The document object model of Internet Explorer can then be exploited to reveil information not otherwise available leading to a loss of confidentiality.\n## References:\nMicrosoft Security Bulletin: MS99-012\nMicrosoft Knowledge Base Article: 226325\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1999_2/0072.html\nKeyword: MS99-012 Q226325 KB226325\nISS X-Force ID: 2070\n[CVE-1999-0468](https://vulners.com/cve/CVE-1999-0468)\n[CVE-1999-0490](https://vulners.com/cve/CVE-1999-0490)\nBugtraq ID: 117\n", "reporter": "Richard M. Smith()", "published": "1999-04-21T00:00:00", "type": "osvdb", "title": "Microsoft IE MSHTML.DLL Information Disclosure", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Internet Explorer", "version": "5.0", "operator": "eq"}, {"name": "Internet Explorer", "version": "4.0", "operator": "eq"}], "cvelist": ["CVE-1999-0468", "CVE-1999-0490"], "modified": "1999-04-21T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:5965", "id": "OSVDB:5965", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}