Vulnerabilities > CVE-1999-0347

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

critical

exploit available

NVD

Published: 1999-01-26

Updated: 2016-10-18

Summary

Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character.

Exploit-Db

description	Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access Vulnerability. CVE-1999-0347. Remote exploit for windows platform
id	EDB-ID:19156
last seen	2016-02-02
modified	1999-01-28
published	1999-01-28
reporter	Georgi Guninski
source	https://www.exploit-db.com/download/19156/
title	Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access Vulnerability

References

http://marc.info/?l=bugtraq&m=91745430007021&w=2
http://marc.info/?l=ntbugtraq&m=91756771207719&w=2

Vulnerabilities > CVE-1999-0347 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-1999-0347"}]}

Summary

Exploit-Db

References

Vulnerabilities > CVE-1999-0347