Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1577Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer

3 documents3 sources
Severity
5.1MEDIUMNVD
EPSS
34.9%
top 2.96%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedOct 31
Latest updateApr 30

Description

Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/internet_explorer4.0.1, 5.0+1

🔴Vulnerability Details

1
GHSA
GHSA-hc2h-vv8g-pjcj: Buffer overflow in HHOpen ActiveX control (hhopen2022-04-30

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5.0/4.0.1 - hhopen OLE Control Buffer Overflow1999-09-27
CVE-1999-1577 — Microsoft vulnerability | cvebase