published date: March 14, 1997

CVE-1999-1525 : Macromedia Shockwave before 6.0...

Description

Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.

Product(s):

Macromedia Shockwave Flash Plugin
Macromedia Shockwave Flash Plugin 6.0

CVSS:5.1 [Critical]
EPSS:0.13%
Exploitability:4.9
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-1999-1525, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-1999-1525 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-1999-1525

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales