Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1575

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-1999-1575
Last Modified 05 Sep 2008 04:19:51
Published 10 Sep 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-1999-1575

Summary

The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.

Vulnerable Systems

Application

  • Microsoft Ie 4.0.1

  • Microsoft Ie 5.0


References

CERT-VN - VU#9162

CERT-VN - VU#41408

CERT-VN - VU#26924

CERT-VN - VU#24839

CERT-VN - VU#23412

XF - wang-kodak-activex-control(7097)

BUGTRAQ - 19990924 Several ActiveX Buffer Overruns

MS - MS99-037


Last Updated: 27 May 2016 10:35:30