Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1999-12-31 | CVE-1999-1126 | Unspecified vulnerability in Cisco Resource Manager 1.0/1.1 Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_". | 2.1 |
| 1999-12-31 | CVE-1999-1124 | Unspecified vulnerability in Allaire Coldfusion HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host. | 7.5 |
| 1999-12-31 | CVE-1999-1117 | Unspecified vulnerability in IBM AIX 4.1/4.2 lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. | 2.1 |
| 1999-12-31 | CVE-1999-1105 | Unspecified vulnerability in Microsoft Windows 95 Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive. | 5.0 |
| 1999-12-31 | CVE-1999-1104 | Unspecified vulnerability in Microsoft Windows 95 Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. | 4.6 |
| 1999-12-31 | CVE-1999-1102 | lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. | 2.1 |
| 1999-12-31 | CVE-1999-1100 | Unspecified vulnerability in Cisco PIX Private Link 4.1(6) Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. | 7.5 |
| 1999-12-31 | CVE-1999-1094 | Unspecified vulnerability in Microsoft Internet Explorer Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." | 7.5 |
| 1999-12-31 | CVE-1999-1093 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/4.0.1 Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. | 5.1 |
| 1999-12-31 | CVE-1999-1087 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/4.0.1 Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server. | 7.5 |