Vulnerability Description
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Internet Explorer | 4.0 |
References
- http://marc.info/?l=bugtraq&m=87710897923098&w=2
- http://support.microsoft.com/support/kb/articles/q176/6/97.aspPatchVendor Advisory
- http://support.microsoft.com/support/kb/articles/q176/7/94.aspPatchVendor Advisory
- http://www.insecure.org/sploits/Internet_explorer_4.0.hack.htmlExploitPatchVendor Advisory
- http://www.microsoft.com/Windows/ie/security/freiburg.asp
- http://www.osvdb.org/7819
- https://exchange.xforce.ibmcloud.com/vulnerabilities/587
- http://marc.info/?l=bugtraq&m=87710897923098&w=2
- http://support.microsoft.com/support/kb/articles/q176/6/97.aspPatchVendor Advisory
- http://support.microsoft.com/support/kb/articles/q176/7/94.aspPatchVendor Advisory
- http://www.insecure.org/sploits/Internet_explorer_4.0.hack.htmlExploitPatchVendor Advisory
- http://www.microsoft.com/Windows/ie/security/freiburg.asp
- http://www.osvdb.org/7819
- https://exchange.xforce.ibmcloud.com/vulnerabilities/587
FAQ
What is CVE-1999-1472?
CVE-1999-1472 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Fr...
How severe is CVE-1999-1472?
CVE-1999-1472 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1472?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer.