CVE-1999-1016

Name of the Vulnerable Software and Affected Versions Microsoft HTML control as used in Internet Explorer 5.0 Microsoft HTML control as used in FrontPage Express Microsoft HTML control as used in Outlook Express 5 Microsoft HTML control as used in Eudora

Description The issue allows remote malicious web sites or HTML emails to cause a denial of service, resulting in 100% CPU consumption. This can be achieved via large HTML form fields, such as text inputs in a table cell.

Recommendations For Internet Explorer 5.0, consider restricting the use of large HTML form fields until a fix is available. For FrontPage Express, avoid using large HTML form fields in table cells to minimize the risk of exploitation. For Outlook Express 5, restrict access to HTML emails with large form fields to prevent denial of service attacks. For Eudora, as a temporary workaround, consider disabling the rendering of large HTML form fields in emails until a patch is available.