Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1999-11-11 | CVE-2000-0329 | Unspecified vulnerability in Microsoft products A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability. | 5.1 |
| 1999-11-01 | CVE-1999-0827 | By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. | 2.6 |
| 1999-11-01 | CVE-1999-0354 | Unspecified vulnerability in Microsoft Internet Explorer and Word Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. | 7.5 |
| 1999-10-31 | CVE-1999-1577 | Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0 Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method. | 5.1 |
| 1999-10-26 | CVE-1999-1234 | Unspecified vulnerability in Microsoft Windows NT 4.0 LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. | 5.0 |
| 1999-10-21 | CVE-2000-0327 | Unspecified vulnerability in Microsoft Virtual Machine 2000/3000 Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability. | 7.6 |
| 1999-09-24 | CVE-1999-1578 | Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0 Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands. | 5.1 |
| 1999-09-24 | CVE-1999-1484 | Buffer Overflow vulnerability in Microsoft MSN Setup Bulletin Board Services 4.71.0.10 Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured. | 7.5 |
| 1999-09-13 | CVE-1999-0750 | Unspecified vulnerability in Microsoft Hotmail Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. | 5.1 |
| 1999-09-10 | CVE-1999-1575 | Unspecified vulnerability in Microsoft Internet Explorer 4.0.1/5.0 The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands. | 5.1 |