CVE-1999-1446 — UI Discrepancy for Security Feature in Microsoft Internet Explorer

CWE-446 — UI Discrepancy for Security Feature CWE-684 — Incorrect Provision of Specified Functionality5 documents4 sources

Severity

2.1LOWNVD

EPSS

0.8%

top 26.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedAug 5

Latest updateApr 17

Description

Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer3.0

🔴Vulnerability Details

VulDB

Microsoft Internet Explorer 3.0 Clear History information disclosure↗2026-04-17

▶

GHSA

GHSA-xvpw-j9f9-fw7v: Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders↗2022-04-30

▶

📐Framework References

CWE

UI Discrepancy for Security Feature↗

▶

CWE

Incorrect Provision of Specified Functionality↗

▶