CVE-1999-1235

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Aug 25, 1999
Updated: Jul 22, 2021

Summary

CVE-1999-1235 is a vulnerability affecting Internet Explorer 5.0 that allows local users to access saved FTP passwords by examining the index.dat file in the URL history. Additionally, an attacker who is physically present, or "shoulder surfing," can observe the password displayed in the status bar when a user hovers over an FTP link. This issue poses a significant risk to users who share a computer or work in an open office environment. To mitigate the threat, users should be cautious when sharing their computer and avoid disclosing passwords in public areas. Furthermore, Internet Explorer users are advised to upgrade to a newer version or consider using alternative web browsers.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Internet Explorer

Affected Vendors

  • Microsoft