CVE-1999-1575

Sažetak

The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.

Reference

http://www.securityfocus.com/archive/1/28719
http://www.kb.cert.org/vuls/id/23412
http://www.kb.cert.org/vuls/id/24839
http://www.kb.cert.org/vuls/id/26924
http://www.kb.cert.org/vuls/id/41408
http://www.kb.cert.org/vuls/id/9162
https://exchange.xforce.ibmcloud.com/vulnerabilities/7097
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037

CVSS

Base:	5.1
Impact:	6.4
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

22-07-2021 - 14:02

Objavljeno

10-09-1999 - 04:00