CVE-1999-1575

Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 4.01 through 5.0

Description: The issue allows remote attackers to create and modify files and execute arbitrary commands due to certain ActiveX controls being marked as "Safe for Scripting". The affected ActiveX controls include Image Edit, Image Annotation, Image Scan, Thumbnail Image, Image Admin, HHOpen, Registration Wizard, and IE Active Setup.

Recommendations: For Internet Explorer versions 4.01 through 5.0, consider disabling the affected ActiveX controls to minimize the risk of exploitation. Restrict access to the imgedit.ocx, imgscan.ocx, imgthumb.ocx, imgadmin.ocx, hhopen.ocx, and regwizc.dll modules to prevent remote attackers from creating and modifying files and executing arbitrary commands. Avoid using the setupctl.dll in the affected IE Active Setup until the issue is resolved.