CVE-1999-1094

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 31, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1094 is a buffer overflow vulnerability affecting Internet Explorer 4.01 and earlier versions. Malicious URLs with the "mk:" protocol can be used by remote attackers to execute arbitrary commands on victim's systems. The issue arises due to insufficient bounds checking on URL input, leading to buffer overflow and potential code execution. This vulnerability, known as the "MK Overrun security issue," posed a significant risk to users browsing the web during that time.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Internet Explorer

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlPLN
https://www.cve.org/CVERecord?id=CVE-1999-1094
https://nvd.nist.gov/vuln/detail/CVE-1999-1094

Back to Vulnerability Database