CVE-1999-0877

CVSS 2.0 Score 4.3 of 10 (medium)

Details

Published Oct 1, 1999
Updated: Nov 7, 2023
CWE ID 200

Summary

CVE-1999-0877 is a vulnerability affecting Internet Explorer 5 that allows remote attackers to read files. This is accomplished by manipulating the ExecCommand method of an IFRAME, enabling the attacker to access and view local files on the targeted system. This vulnerability poses a significant risk for information disclosure and can potentially lead to more serious attacks if exploited successfully. Malicious actors can take advantage of this flaw by tricking users into visiting a specially crafted website or opening a malicious email attachment. The vulnerability is particularly dangerous because it can be exploited without requiring user interaction or prior authentication. System administrators are urged to apply the available patches as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Internet Explorer

Affected Vendors

  • Microsoft