Vulnerability CVE-1999-1446

Vulnerability Name:

CVE-1999-1446 (CCN-524)

Assigned:

1997-08-01

Published:

1997-08-01

Updated:

2021-07-22

Summary:

Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-1999-1446

Source: NTBUGTRAQ
Type: UNKNOWN
19970805 Re: Strange behavior regarding directory

Source: NTBUGTRAQ
Type: UNKNOWN
19970806 Re: Strange behavior regarding directory

Source: CCN
Type: NTBugTraq Mailing List, Tue, 5 Aug 1997 00:41:13 -0400
Re: Strange behavior regarding directory

Source: CCN
Type: OSVDB ID: 7862
Microsoft IE User DAT File History Disclosure

Source: XF
Type: UNKNOWN
http-ie-record(524)

Vulnerable Configuration:

Configuration 1:

cpe:/a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK