CVE-1999-1575

high

Description

The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7097

https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037

http://www.securityfocus.com/archive/1/28719

http://www.kb.cert.org/vuls/id/9162

http://www.kb.cert.org/vuls/id/41408

http://www.kb.cert.org/vuls/id/26924

http://www.kb.cert.org/vuls/id/24839

http://www.kb.cert.org/vuls/id/23412

Details

Source: Mitre, NVD

Published: 1999-09-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.35629