Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0981Link Following in Microsoft Internet Explorer

CWE-59Link Following3 documents3 sources
Severity
5.1MEDIUMNVD
EPSS
4.6%
top 10.75%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedDec 8
Latest updateApr 30

Description

Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-f637-gvqx-348w: Internet Explorer 52022-04-30

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 4/5 / Outlook 98 - 'window.open' Redirect1999-11-04
CVE-1999-0981 — Link Following in Microsoft | cvebase