CVE-1999-1447

CVSS 2.0 Score 5.0 of 10 (medium)

Details

Published Jul 28, 1998
Updated: Jul 22, 2021

Summary

CVE-1999-1447 is a denial-of-service vulnerability affecting Internet Explorer 4.0. Maliciously crafted HTML code, containing an extended CLASSID parameter in an OBJECT tag, can trigger a crash in the browser, rendering it unresponsive. This issue represents a significant security risk as attackers can exploit it to cause inconvenience or downtime for users. The vulnerability can be mitigated by upgrading to a more secure browser version or implementing content security policies to restrict the length of CLASSID parameters.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Internet Explorer

Affected Vendors

  • Microsoft