PT-1999-1727 · Microsoft · Internet Explorer

Published

1999-12-31

Updated

2021-07-22

CVE-1999-1472

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Internet Explorer version 4.0

Description: The issue allows remote attackers to read arbitrary text and HTML files on the user's machine. This is achieved through a small IFRAME that utilizes Dynamic HTML (DHTML) to send the data to the attacker.

Recommendations: For Internet Explorer version 4.0, consider disabling the use of Dynamic HTML (DHTML) or restricting access to IFRAME elements to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1472

Affected Products

Internet Explorer

PT-1999-1727 · Microsoft · Internet Explorer

CVE-1999-1472

Related Identifiers

Affected Products

References · 8