Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1999-12-31 | CVE-1999-1481 | Unspecified vulnerability in National Science Foundation Squid web Proxy Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair. | 5.0 |
| 1999-12-31 | CVE-1999-1473 | Unspecified vulnerability in Microsoft Internet Explorer 3.0.2/4.0 When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue." | 5.0 |
| 1999-12-31 | CVE-1999-1472 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. | 5.0 |
| 1999-12-31 | CVE-1999-1462 | Information Exposure vulnerability in BB4 BIG Brother 1.09B/1.09C Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrary files. | 5.0 |
| 1999-12-31 | CVE-1999-1456 | Unspecified vulnerability in Thttpd Http Server thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename. | 5.0 |
| 1999-12-31 | CVE-1999-1451 | Unspecified vulnerability in Microsoft Internet Information Server and Site Server The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files. | 5.0 |
| 1999-12-31 | CVE-1999-1444 | Unspecified vulnerability in Computer Software Manufaktur Alibaba 2.0 genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in cleartext. | 5.0 |
| 1999-12-31 | CVE-1999-1386 | Link Following vulnerability in Perl Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file. | 5.5 |
| 1999-12-31 | CVE-1999-1379 | Unspecified vulnerability in Dnstools Software Dnstools DNS allows remote attackers to use DNS name servers as traffic amplifiers via a UDP DNS query with a spoofed source address, which produces more traffic to the victim than was sent by the attacker. | 5.0 |
| 1999-12-31 | CVE-1999-1358 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | 4.6 |