Lucene search

[email protected]CVE-1999-0489

HistoryFeb 04, 2000 - 5:00 a.m.

CVE-1999-0489

2000-02-0405:00:00

[email protected]

web.nvd.nist.gov

cve-1999-0489

mshtml.dll

internet explorer 5.0

remote attack

file upload control

untrusted scripted paste

ms:ms98-013

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.1%

JSON

MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of “untrusted scripted paste” as described in MS:MS98-013.

Affected configurations

NVD

Node

microsoftwindows_ntMatch4.0

CPENameOperatorVersion
microsoft:windows_ntmicrosoft windows nteq4.0

CPE	Name	Operator	Version
microsoft:windows_nt	microsoft windows nt	eq	4.0

References

docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-015

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.1%

JSON

Related for CVE-1999-0489

cvelist1 nvd1