CVE-1999-0489

CVSS 2.0 Score 10 of 10 (high)

Details

Published May 17, 1999
Updated: Oct 12, 2018

Summary

CVE-1999-0489 is a vulnerability affecting Internet Explorer 5.0 and its MSHTML.DLL component. An attacker can exploit this issue by pasting a file name into the file upload intrinsic control, which is a type of "untrusted scripted paste" as identified in Microsoft's advisory MS98-013. Successful exploitation allows the attacker to upload malicious files to the targeted system, potentially leading to security breaches and unauthorized access. This vulnerability underscores the importance of implementing strong access controls for file uploads and keeping software up-to-date to mitigate such threats.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows NT

Affected Vendors

  • Microsoft