Lucene search

[email protected]CVE-1999-1380

HistoryMay 04, 1997 - 4:00 a.m.

CVE-1999-1380

1997-05-0404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

symantec norton utilities

windows 95

tuneocx.ocx

activex control

remote execution

internet explorer 3.0

cve-1999-1380.

8.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.7%

JSON

Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.

CPENameOperatorVersion
symantec:norton_utilitiessymantec norton utilitieseq2.0

CPE	Name	Operator	Version
symantec:norton_utilities	symantec norton utilities	eq	2.0

References

mlarchive.ima.com/win95/1997/May/0342.html

news.zdnet.co.uk/story/0%2C%2Cs2065518%2C00.html

www.iss.net/security_center/static/7188.php

www.net-security.sk/bugs/NT/nu20.html

8.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.7%

JSON

Related for CVE-1999-1380

cvelist1