CVE-1999-1094
published 1999-12-31CVE-1999-1094: Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK…
PriorityP433high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
18.08%
96.8th percentile
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | <= 4.0.1 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Microsoft Internet Explorer 3.02/4.0/4.01 mk: Protocol Long URL memory corruption (XFDB-917)
vuldb·2026-04-20·CVSS 7.5
CVE-1999-1094 [HIGH] Microsoft Internet Explorer 3.02/4.0/4.01 mk: Protocol Long URL memory corruption (XFDB-917)
A vulnerability labeled as critical has been found in Microsoft Internet Explorer 3.02/4.0/4.01. Impacted is an unknown function of the component mk: Protocol Handler. Executing a manipulation as part of Long URL can lead to memory corruption.
This vulnerability is registered as CVE-1999-1094. It is possible to launch the attack remotely. No exploit is available.
The affected component should be upgraded.
GHSA
GHSA-wcrg-6ghq-6288: Buffer overflow in Internet Explorer 4
ghsa_unreviewed·2022-04-30
CVE-1999-1094 [HIGH] GHSA-wcrg-6ghq-6288: Buffer overflow in Internet Explorer 4
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=88480839506155&w=2http://support.microsoft.com/support/kb/articles/q176/6/97.asphttps://exchange.xforce.ibmcloud.com/vulnerabilities/917http://marc.info/?l=bugtraq&m=88480839506155&w=2http://support.microsoft.com/support/kb/articles/q176/6/97.asphttps://exchange.xforce.ibmcloud.com/vulnerabilities/917
1999-12-31
Published