CVE-1999-0933

TeamTrack web server allows remote attackers to read arbitrary files via a .. dot dot attack...

CVE-1999-1117

lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter...

CVE-1999-1451

The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files...

CVE-1999-1287

Vulnerability in Analog 3.0 and earlier allows remote attackers to read arbitrary files via the forms interface...

CVE-1999-1005

Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. dot dot attack using the HELP parameter...

CVE-1999-0859

Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly...

CVE-1999-0793

Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet...

CVE-1999-1550

bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter...

CVE-1999-0915

URL Live! web server allows remote attackers to read arbitrary files via a .. dot dot attack...

CVE-1999-0881

Falcon web server allows remote attackers to read arbitrary files via a .. dot dot attack...

CVE-1999-0883

Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine...

CVE-1999-0877

Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME...

CVE-1999-0068

CGI PHP mylog script allows an attacker to read any file on the target server...

CVE-1999-0386

Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL...

CVE-1999-0487

The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files...

CVE-1999-0346

CGI PHP mlog script allows an attacker to read any file on the target server...

CVE-1999-1377

Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. dot dot in the f parameter...

webcom.cgi.guestbook.txt

Date: Fri, 9 Apr 1999 20:41:39 +0100 From: Mnemonix To: [email protected] Subject: Webcom's CGI Guestbook for Win32 web servers I reported a while back on Webcom's www.webcom.se CGI Guestbook wguest.exe and rguest.exe having a number of security problems where any text based file o...

msie.5.0-0.001.percent.txt

Date: Fri, 9 Apr 1999 07:15:12 +0300 From: Georgi Guninski To: [email protected] Subject: IE 5.0 security vulnerabilities - %01 bug again There is a security bug in Internet Explorer 5.0 which circumvents "Cross-frame security" and opens several security holes. This is a modification of the "%...

msie4.01-jscript-security.txt

Date: Thu, 28 Jan 1999 04:53:31 PST From: Georgi Guninski To: [email protected] Subject: Javascript %01 bug in Internet Explorer There is a Javascript security bug in Internet Explorer 4.x patched, which circumvents "Cross-frame security" and opens several security holes. The probl...