PT-1999-1579 · Microsoft · Internet Explorer+1

Published

1999-11-14

Updated

2021-07-22

CVE-1999-1110

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Windows Media Player ActiveX object as used in Internet Explorer version 5.0

Description The issue allows remote malicious web sites to determine the existence of files on the client by exploiting the Windows Media Player ActiveX object in Internet Explorer. This is possible because the object returns a specific error code when a file does not exist.

Recommendations For Internet Explorer version 5.0, consider disabling the Windows Media Player ActiveX object until a patch is available to prevent remote malicious web sites from determining the existence of files on the client.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1110

Affected Products

Internet Explorer

Windows Media Player

PT-1999-1579 · Microsoft · Internet Explorer+1

CVE-1999-1110

Related Identifiers

Affected Products

References · 4