Intelligence Center » Browse All Vulnerabilities » CVE-1999-1087
Overview |
|
| Vulnerability Score |  7.5 |
| CVE Id | CVE-1999-1087 |
| Last Modified | 05 Sep 2008 04:18:41 |
| Published | 31 Dec 1999 12:00:00 |
| Confidentiality Impact |  PARTIAL |
| Integrity Impact | PARTIAL |
| Availability Impact | PARTIAL |
| Access Vector | NETWORK |
| Access Complexity | LOW |
| Authentication | NONE |
CVE-1999-1087
Summary
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server.
Vulnerable Systems
Application
Microsoft Ie 4.0
Microsoft Ie 4.0.1
References
XF - ie-dotless(2209)
MS - MS98-016
MSKB - Q168617
CONFIRM - http://www.microsoft.com/Windows/Ie/security/dotless.asp
OSVDB - 7828
IT Risk Posture:
Free Risk Assessment Tools
Application Scanner
Find vulnerabilities on your network.
Device Scanner
Find vulnerabilities on your network.
Patch Scanner
Find vulnerabilities on your network.
Last Updated: 27 May 2016 10:35:16
