-
CVE-1999-0717
•
published on January 4, 2000
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
-
CVE-1999-0721
•
published on January 4, 2000
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
-
CVE-1999-0724
•
published on January 4, 2000
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.
-
CVE-1999-0728
•
published on January 4, 2000
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.
-
CVE-1999-0685
•
published on January 4, 2000
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
-
CVE-1999-0688
•
published on January 4, 2000
Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.
-
CVE-1999-0693
•
published on January 4, 2000
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
-
CVE-1999-0705
•
published on January 4, 2000
Buffer overflow in INN inews program.
-
CVE-1999-0731
•
published on January 4, 2000
The KDE klock program allows local users to unlock a session using malformed input.
-
CVE-1999-0777
•
published on January 4, 2000
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
-
CVE-1999-0794
•
published on January 4, 2000
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
-
CVE-1999-0835
•
published on January 4, 2000
Denial of service in BIND named via malformed SIG records.
-
CVE-1999-0867
•
published on January 4, 2000
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
-
CVE-1999-0870
•
published on January 4, 2000
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
-
CVE-1999-0871
•
published on January 4, 2000
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability.
-
CVE-1999-0880
•
published on January 4, 2000
Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.
-
CVE-1999-0891
•
published on January 4, 2000
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect.
-
CVE-1999-0909
•
published on January 4, 2000
Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.
-
CVE-1999-0915
•
published on January 4, 2000
URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
-
CVE-1999-0936
•
published on January 4, 2000
BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.