LiveActive security incident?Get immediate response
CVE archive

April 1999

Browse CVE records published in April 1999, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 44 of 44 matching CVEs · Page 1 of 1.

Unknown · CVSS Not scored

CVE-1999-1582: By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrar...

By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality.

Published Apr 21, 2005 · Updated Aug 1, 2024

Unknown · CVSS Not scored

CVE-1999-1575: The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.oc...

The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.

Published Apr 21, 2005 · Updated Aug 1, 2024