CVE-1999-1087

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 31, 1999
Updated: Jul 22, 2021

Summary

CVE-1999-1087 refers to a vulnerability in Internet Explorer 4 that allows remote servers to bypass security restrictions. The issue arises due to the browser's treatment of a 32-bit number in a URL as a hostname instead of an IP address. Consequently, web pages containing dotless IP addresses are subjected to Local Intranet Zone settings, enabling unauthorized activities such as data theft or unintended modifications. This vulnerability poses a significant risk to users who visit malicious websites with dotless IP addresses in their URLs.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Internet Explorer

Affected Vendors

  • Microsoft