Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1999-09-01 | CVE-1999-0669 | Unspecified vulnerability in Microsoft Internet Explorer 4.0/5.0 The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. | 4.0 |
| 1999-08-27 | CVE-1999-1016 | Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. | 5.0 |
| 1999-08-25 | CVE-1999-1235 | Unspecified vulnerability in Microsoft Internet Explorer 5.0 Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | 4.6 |
| 1999-08-24 | CVE-1999-1052 | Unspecified vulnerability in Microsoft Frontpage Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users. | 5.0 |
| 1999-08-20 | CVE-2000-0325 | Unspecified vulnerability in Microsoft JET 3.5/3.5.1 The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability. | 7.2 |
| 1999-08-16 | CVE-1999-0749 | Unspecified vulnerability in Microsoft Windows 95 and Windows 98 Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument. | 2.6 |
| 1999-07-23 | CVE-1999-0224 | Unspecified vulnerability in Microsoft Windows NT 4.0 Denial of service in Windows NT messenger service through a long username. | 5.0 |
| 1999-07-19 | CVE-1999-1011 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands. | 10.0 |
| 1999-07-07 | CVE-1999-1537 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL. | 5.0 |
| 1999-07-06 | CVE-1999-1478 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character. | 5.0 |