CVE-1999-1575

Description

The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

References

• http://www.kb.cert.org/vuls/id/23412
  US Government Resource
• http://www.kb.cert.org/vuls/id/24839
  US Government Resource
• http://www.kb.cert.org/vuls/id/26924
  US Government Resource
• http://www.kb.cert.org/vuls/id/41408
  US Government Resource
• http://www.kb.cert.org/vuls/id/9162
  US Government Resource
• http://www.securityfocus.com/archive/1/28719
  Exploit
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037
• https://exchange.xforce.ibmcloud.com/vulnerabilities/7097
• http://www.kb.cert.org/vuls/id/23412
  US Government Resource
• http://www.kb.cert.org/vuls/id/24839
  US Government Resource
• http://www.kb.cert.org/vuls/id/26924
  US Government Resource
• http://www.kb.cert.org/vuls/id/41408
  US Government Resource
• http://www.kb.cert.org/vuls/id/9162
  US Government Resource
• http://www.securityfocus.com/archive/1/28719
  Exploit
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037
• https://exchange.xforce.ibmcloud.com/vulnerabilities/7097