Lucene search

[email protected]CVE-1999-1093

HistoryMar 09, 2002 - 5:00 a.m.

CVE-1999-1093

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cve-1999-1093

buffer overflow

jscript

scripting engine

internet explorer

remote attack

nvd

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON

Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page.

Affected configurations

NVD

Node

microsoftinternet_explorerRange≤4.0.1sp1

microsoftinternet_explorerMatch4.0

microsoftinternet_explorerMatch4.0.1

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorerle4.0.1
microsoft:internet_explorermicrosoft internet explorereq4.0

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	le	4.0.1
microsoft:internet_explorer	microsoft internet explorer	eq	4.0

References

support.microsoft.com/support/kb/articles/q191/2/00.asp

www.iss.net/security_center/static/1276.php

docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-011

Social References

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON

Related for CVE-1999-1093

cvelist1 nvd1