Return to CVE list

CVE-1999-0347

10.0
Critical

CVE-1999-0347

cve@mitre.org
Deferred
View on MITREFind on GitHub

Description

Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character.

Exploits

191561999-01-28remoteWindows

Microsoft Internet Explorer 5.0.1 - Invalid Byte Cross-Frame Access

By Georgi Guninski

References

cve@mitre.org
http://marc.info/?l=bugtraq&m=91745430007021&w=2
cve@mitre.org
http://marc.info/?l=ntbugtraq&m=91756771207719&w=2
af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=bugtraq&m=91745430007021&w=2
af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=ntbugtraq&m=91756771207719&w=2