Security Vulnerabilities Published In April 1999 (CVSS score >= 3)

1999 : January February March April May June July August September October November December

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-1999-1369		+Priv	1999-04-14	2016-10-18	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges.
2	CVE-1999-1323			1999-04-09	2016-10-18	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.
3	CVE-1999-1245		+Info	1999-04-06	2017-12-19	5.0	None	Remote	Low	Not required	Partial	None	None
vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information.
4	CVE-1999-1244			1999-04-15	2017-12-19	7.2	None	Local	Low	Not required	Complete	Complete	Complete
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
5	CVE-1999-1196		DoS	1999-04-07	2008-09-05	5.0	None	Remote	Low	Not required	None	None	Partial
Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000.
6	CVE-1999-0921		DoS	1999-04-01	2008-09-09	5.0	None	Remote	Low	Not required	None	None	Partial
BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.
7	CVE-1999-0801			1999-04-09	2008-09-09	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.
8	CVE-1999-0711		Exec Code	1999-04-29	2016-10-18	4.6	None	Local	Low	Not required	Partial	Partial	Partial
The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root.
9	CVE-1999-0684		DoS	1999-04-19	2008-09-09	5.0	None	Remote	Low	Not required	None	None	Partial
Denial of service in Sendmail 8.8.6 in HPUX.
10	CVE-1999-0610			1999-04-01	2016-10-18	5.0	None	Remote	Low	Not required	Partial	None	None
An incorrect configuration of the Webcart CGI program could disclose private information.
11	CVE-1999-0609			1999-04-01	2016-10-18	5.0	None	Remote	Low	Not required	Partial	None	None
An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.
12	CVE-1999-0608			1999-04-01	2017-10-10	5.0	None	Remote	Low	Not required	Partial	None	None
An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.
13	CVE-1999-0607		+Priv	1999-04-20	2016-10-18	5.0	None	Remote	Low	Not required	Partial	None	None
quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges.
14	CVE-1999-0606	200	+Info	1999-04-01	2016-10-18	5.0	None	Remote	Low	Not required	Partial	None	None
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information.
15	CVE-1999-0605	200	+Info	1999-04-01	2016-10-18	5.0	None	Remote	Low	Not required	Partial	None	None
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information.
16	CVE-1999-0604			1999-04-20	2016-10-18	5.0	None	Remote	Low	Not required	Partial	None	None
An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.
17	CVE-1999-0492			1999-04-23	2005-10-20	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses.
18	CVE-1999-0491	94	Exec Code	1999-04-20	2014-12-31	4.6	None	Local	Low	Not required	Partial	Partial	Partial
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
19	CVE-1999-0490			1999-04-21	2021-07-22	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.
20	CVE-1999-0488			1999-04-21	2021-07-22	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability.
21	CVE-1999-0474			1999-04-05	2008-09-09	5.0	None	Remote	Low	Not required	Partial	None	None
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory.
22	CVE-1999-0472			1999-04-07	2008-09-09	5.0	None	Remote	Low	Not required	Partial	None	None
The SNMP default community name "public" is not properly removed in NetApps C630 Netcache, even if the administrator tries to disable it.
23	CVE-1999-0471			1999-04-09	2008-09-09	5.0	None	Remote	Low	Not required	Partial	None	None
The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button.
24	CVE-1999-0470			1999-04-09	2008-09-09	5.0	None	Remote	Low	Not required	Partial	None	None
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
25	CVE-1999-0469			1999-04-01	2021-07-22	5.0	None	Remote	Low	Not required	Partial	None	None
Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client.
26	CVE-1999-0467			1999-04-01	2008-09-09	5.0	None	Remote	Low	Not required	Partial	None	None
The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter.
27	CVE-1999-0466			1999-04-21	2008-09-09	7.2	None	Local	Low	Not required	Complete	Complete	Complete
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.
28	CVE-1999-0447		+Priv	1999-04-01	2013-07-23	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Local users can gain privileges using the debug utility in the MPE/iX operating system.
29	CVE-1999-0445			1999-04-01	2008-09-09	5.0	None	Remote	Low	Not required	Partial	None	None
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
30	CVE-1999-0444		DoS	1999-04-12	2008-09-09	5.0	None	Remote	Low	Not required	None	None	Partial
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
31	CVE-1999-0443			1999-04-01	2008-09-09	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password.
32	CVE-1999-0439		Exec Code Overflow	1999-04-05	2008-09-09	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.
33	CVE-1999-0287			1999-04-09	2008-09-09	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Vulnerability in the Wguest CGI program.

Total number of vulnerabilities : 33 Page : 1 (This Page)