CVE-1999-1575

Published Sep 10, 1999

Last updated 3 years ago

Overview

Description: The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.1
Impact score: 6.4
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42502347-DD40-4F8C-9861-C0A88A3F8608"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6B8985B-B927-4928-B1DB-18E29F796992"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References