Vulnerabilities > Microsoft

DATE CVE VULNERABILITY TITLE RISK
1999-11-01 CVE-1999-0827 By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
network
high complexity
netscape microsoft
2.6
1999-11-01 CVE-1999-0354 Unspecified vulnerability in Microsoft Internet Explorer and Word
Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content.
network
low complexity
microsoft
7.5
1999-10-31 CVE-1999-1577 Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
network
high complexity
microsoft
5.1
1999-10-26 CVE-1999-1234 Unspecified vulnerability in Microsoft Windows NT 4.0
LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo.
network
low complexity
microsoft
5.0
1999-10-21 CVE-2000-0327 Unspecified vulnerability in Microsoft Virtual Machine 2000/3000
Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.
network
high complexity
microsoft
7.6
1999-09-24 CVE-1999-1578 Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0
Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands.
network
high complexity
microsoft
5.1
1999-09-24 CVE-1999-1484 Buffer Overflow vulnerability in Microsoft MSN Setup Bulletin Board Services 4.71.0.10
Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured.
network
low complexity
microsoft
7.5
1999-09-13 CVE-1999-0750 Unspecified vulnerability in Microsoft Hotmail
Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.
network
high complexity
microsoft
5.1
1999-09-10 CVE-1999-1575 Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
network
high complexity
microsoft
5.1
1999-09-10 CVE-1999-0910 Unspecified vulnerability in Microsoft products
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.
network
low complexity
microsoft
5.0