8.1 High
AI Score
Confidence
Low
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
85.5%
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as “Safe for Scripting,” which allows remote attackers to create and modify files and execute arbitrary commands.
www.kb.cert.org/vuls/id/23412
www.kb.cert.org/vuls/id/24839
www.kb.cert.org/vuls/id/26924
www.kb.cert.org/vuls/id/41408
www.kb.cert.org/vuls/id/9162
www.securityfocus.com/archive/1/28719
docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037
exchange.xforce.ibmcloud.com/vulnerabilities/7097