Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1206

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-1999-1206
Last Modified 10 Sep 2008 03:01:22
Published 31 Dec 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-1999-1206

Summary

SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control.

Vulnerable Systems

Application

  • Systemsoft Systemwizard


References

CONFIRM - http://www.systemsoft.com/l-2/l-3/support-systemwizard.htm

BUGTRAQ - 19990729 New ActiveX security problems in Windows 98 PCs

BID - 555


Last Updated: 27 May 2016 10:35:19