CVE-1999-1206

SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control.

Publication date: Fri, 31 Dec 1999 11:00:00 +0000

Cyber News related to CVE-1999-1206

CVE-1999-0282 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reason: This candidate combined references from one issue with the description from another issue. Notes: Users should consult CVE-1999-1584 and ...
55 years ago Tenable.com

CVE-1999-1206 - SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands ...
8 years ago

CVE-1999-0187 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candidate is a duplicate of CVE-1999-0022. Notes: All CVE users should reference CVE-1999-0022 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-0110 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315. Notes: All CVE users should reference ...
55 years ago Tenable.com

CVE-1999-0020 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-1108 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1107. Reason: This candidate is a duplicate of CVE-1999-1107. Notes: All CVE users should reference CVE-1999-1107 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-0335 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-1310 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1022. Reason: This candidate is a duplicate of CVE-1999-1022. Notes: All CVE users should reference CVE-1999-1022 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-1999-1056 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1395. Reason: This candidate is a duplicate of CVE-1999-1395. Notes: All CVE users should reference CVE-1999-1395 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-2010-2454 - Apple Safari does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks via a crafted HTML document, a related issue ...
7 years ago

CVE-2007-1973 - Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206. ...
6 years ago

CVE-2010-2455 - Opera does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks via a crafted HTML document, a related issue to ...
6 years ago

CVE-2016-1206 - The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S, and WN-GDN/R3-U devices does not limit PIN guesses, which allows remote attackers to obtain network access via a brute-force attack. ...
8 years ago

CVE-2001-1206 - Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable. ...
8 years ago

CVE-2003-1206 - Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir. ...
7 years ago

CVE-2004-1206 - Directory traversal vulnerability in codebrowserpntm.php in pnTresMailer 6.0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the filetodownload parameter. ...
7 years ago

CVE-2008-1206 - Format string vulnerability in the log_message function in lks.c in Linux Kiss Server 1.2, when background (daemon) mode is disabled, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers ...
7 years ago

CVE-2009-1206 - Unspecified vulnerability in futomi's CGI Cafe Access Analyzer CGI Professional Version 4.11.5 and earlier allows remote attackers to gain administrative privileges via unknown vectors. ...
7 years ago

CVE-2011-1206 - Stack-based buffer overflow in the server process in ibmslapd.exe in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 ...
7 years ago

CVE-2012-1206 - Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrary code via large dimension values in a (1) JPG image to the ImportGR in the JPG image filter module (HncJpeg10.flt) or (2) PNG image to the PNG image ...
1 year ago

CVE-2010-1206 - The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the ...
7 years ago

CVE-2015-1206 - Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file. ...
7 years ago

CVE-2018-1206 - Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection Advisor versions prior to 6.4 Patch 110 contain a hardcoded database account with administrative privileges. The affected account is ...
6 years ago

CVE-2014-1206 - SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php. ...
6 years ago

CVE-2005-1206 - Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka the "Server Message Block ...
6 years ago

Latest Cyber News

Japan Goes on Offense With New 'Active Cyber Defense' Bill - 2 minutes ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 2 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 2 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 2 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 3 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 4 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 6 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 6 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 6 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 7 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 8 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 9 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 9 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 9 hours ago
CVE-2025-1207 - 9 hours ago
CVE-2025-0556 - 9 hours ago
CVE-2025-1206 - 10 hours ago
CVE-2025-1212 - 10 hours ago
CVE-2025-1244 - 10 hours ago
CVE-2025-1202 - 10 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Japan Goes on Offense With New 'Active Cyber Defense' Bill - 2 minutes ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 2 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 2 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 2 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 3 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 4 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 6 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 9 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 8 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 7 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 6 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 9 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 9 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 6 hours ago
CVE-2023-40721 - 1 day ago
CVE-2024-12755 - 1 day ago
CVE-2024-12756 - 1 day ago
CVE-2024-27780 - 1 day ago
CVE-2024-27781 - 1 day ago
CVE-2024-33504 - 1 day ago