CVE-1999-1235
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
25/08/1999
Last modified:
03/04/2025
Description
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link.
Impact
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://ntbugtraq.ntadvice.com/default.asp?pid=36&sid=1&A2=ind9904&L=NTBUGTRAQ&P=R179
- http://packetderm.cotse.com/mailing-lists/ntbugtraq/1999/0364.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/3289
- http://ntbugtraq.ntadvice.com/default.asp?pid=36&sid=1&A2=ind9904&L=NTBUGTRAQ&P=R179
- http://packetderm.cotse.com/mailing-lists/ntbugtraq/1999/0364.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/3289