CVE-1999-0489
CVSS 2.0 Score 10 of 10 (high)
Details
Summary
CVE-1999-0489 is a vulnerability affecting Internet Explorer 5.0 and its MSHTML.DLL component. An attacker can exploit this issue by pasting a file name into the file upload intrinsic control, which is a type of "untrusted scripted paste" as identified in Microsoft's advisory MS98-013. Successful exploitation allows the attacker to upload malicious files to the targeted system, potentially leading to security breaches and unauthorized access. This vulnerability underscores the importance of implementing strong access controls for file uploads and keeping software up-to-date to mitigate such threats.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Windows NT
Affected Vendors
- Microsoft