published date: October 1, 1998

CVE-1999-0870 : File Upload Vulnerability

Description

Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.

Product(s):

Microsoft Internet Explorer 4.0.1
Microsoft Internet Explorer 4.0.1 Service Pack 1
Microsoft Internet Explorer 4.0.1 Service Pack 2

CVSS:2.6 [Critical]
EPSS:9.12%
Exploitability:4.9
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-1999-0870, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-1999-0870 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-1999-0870

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales