Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1235Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
4.6MEDIUMNVD
EPSS
0.4%
top 39.83%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedAug 25
Latest updateApr 30

Description

Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-v7w3-r9q2-mwx4: Internet Explorer 52022-04-30

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5 - FTP Password Storage1999-08-25
CVE-1999-1235 — Microsoft vulnerability | cvebase