| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-1999-0031 |
|
|
|
1997-07-08 |
2021-07-22 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability. |
|
2 |
CVE-1999-0105 |
|
|
|
1997-03-01 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
finger allows recursive searches by using a long string of @ symbols. |
|
3 |
CVE-1999-0106 |
|
|
|
1997-03-01 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Finger redirection allows finger bombs. |
|
4 |
CVE-1999-0132 |
|
|
|
1996-08-15 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
|
5 |
CVE-1999-0133 |
|
|
|
1996-08-14 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. |
|
6 |
CVE-1999-0144 |
|
|
DoS |
1997-06-01 |
2020-01-23 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in Qmail by specifying a large number of recipients with the RCPT command. |
|
7 |
CVE-1999-0171 |
|
|
DoS |
1997-01-01 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in syslog by sending it a large number of superfluous messages. |
|
8 |
CVE-1999-0223 |
|
|
|
1999-03-01 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. |
|
9 |
CVE-1999-0322 |
|
|
|
1997-10-29 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The open() function in FreeBSD allows local attackers to write to arbitrary files. |
|
10 |
CVE-1999-0327 |
|
|
|
1997-11-01 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
SGI syserr program allows local users to corrupt files. |
|
11 |
CVE-1999-0367 |
|
|
|
1999-02-09 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
NetBSD netstat command allows local users to access kernel memory. |
|
12 |
CVE-1999-0372 |
200 |
|
+Info |
1999-02-12 |
2018-10-12 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. |
|
13 |
CVE-1999-0374 |
|
|
|
1999-02-16 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Debian GNU/Linux cfengine package is susceptible to a symlink attack. |
|
14 |
CVE-1999-0396 |
|
|
DoS |
1999-02-17 |
2008-09-09 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. |
|
15 |
CVE-1999-0417 |
|
|
DoS |
1999-03-09 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
64 bit Solaris 7 procfs allows local users to perform a denial of service. |
|
16 |
CVE-1999-0424 |
|
|
|
1999-03-18 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. |
|
17 |
CVE-1999-0442 |
|
|
|
1999-01-07 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Solaris ff.core allows local users to modify files. |
|
18 |
CVE-1999-0446 |
|
|
DoS |
1999-04-12 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS. |
|
19 |
CVE-1999-0451 |
|
|
DoS |
1999-01-19 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port. |
|
20 |
CVE-1999-0458 |
|
|
|
1999-01-06 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information. |
|
21 |
CVE-1999-0460 |
|
|
DoS Overflow |
1999-02-19 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service. |
|
22 |
CVE-1999-0464 |
|
|
DoS |
1999-01-04 |
2016-10-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames. |
|
23 |
CVE-1999-0468 |
|
|
|
1999-04-09 |
2021-07-22 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component. |
|
24 |
CVE-1999-0473 |
|
|
|
1999-04-07 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred. |
|
25 |
CVE-1999-0480 |
|
|
DoS |
1999-04-01 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack. |
|
26 |
CVE-1999-0483 |
|
|
|
1999-02-25 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
OpenBSD crash using nlink value in FFS and EXT2FS filesystems. |
|
27 |
CVE-1999-0484 |
|
|
Overflow |
1999-02-23 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Buffer overflow in OpenBSD ping. |
|
28 |
CVE-1999-0485 |
|
|
|
1999-02-19 |
2008-09-09 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD. |
|
29 |
CVE-1999-0487 |
|
|
|
1999-05-01 |
2021-07-22 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. |
|
30 |
CVE-1999-0585 |
|
|
|
2000-07-01 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A Windows NT administrator account has the default name of Administrator. |
|
31 |
CVE-1999-0595 |
|
|
|
2000-01-20 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. |
|
32 |
CVE-1999-0694 |
|
|
DoS |
1999-08-11 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in AIX ptrace system call allows local users to crash the system. |
|
33 |
CVE-1999-0712 |
|
|
|
1999-04-27 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable. |
|
34 |
CVE-1999-0714 |
|
|
|
1999-02-15 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Vulnerability in Compaq Tru64 UNIX edauth command. |
|
35 |
CVE-1999-0717 |
|
|
|
1999-05-07 |
2018-10-12 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. |
|
36 |
CVE-1999-0732 |
|
|
|
1999-08-19 |
2016-09-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links. |
|
37 |
CVE-1999-0743 |
|
|
|
1999-08-20 |
2018-05-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Trn allows local users to overwrite other users' files via symlinks. |
|
38 |
CVE-1999-0747 |
|
|
DoS |
1999-08-18 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fstat call is made when the system has a high CPU load. |
|
39 |
CVE-1999-0749 |
|
|
Overflow |
1999-08-16 |
2018-10-12 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument. |
|
40 |
CVE-1999-0757 |
|
|
|
2001-03-12 |
2017-12-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates. |
|
41 |
CVE-1999-0762 |
|
|
|
1999-05-24 |
2008-09-09 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. |
|
42 |
CVE-1999-0770 |
|
|
DoS |
1999-07-29 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems. |
|
43 |
CVE-1999-0782 |
|
|
|
1998-11-18 |
2016-10-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. |
|
44 |
CVE-1999-0787 |
|
|
|
1999-09-17 |
2016-10-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The SSH authentication agent follows symlinks via a UNIX domain socket. |
|
45 |
CVE-1999-0790 |
|
|
|
2000-04-01 |
2008-09-09 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
A remote attacker can read information from a Netscape user's cache via JavaScript. |
|
46 |
CVE-1999-0793 |
|
|
|
1999-11-17 |
2021-07-22 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet. |
|
47 |
CVE-1999-0797 |
|
|
DoS |
1998-06-29 |
2008-09-09 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries. |
|
48 |
CVE-1999-0803 |
|
|
|
1999-05-25 |
2016-10-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack. |
|
49 |
CVE-1999-0827 |
|
|
|
1999-11-01 |
2021-07-22 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. |
|
50 |
CVE-1999-0851 |
|
|
DoS |
1999-11-10 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in BIND named via naptr. |
