Back to search
CVE-1999-1087
Published: Mar 9, 2002
Modified: Aug 1, 2024
PUBLISHED
Description
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.microsoft.com/Windows/Ie/security/dotless.asp
x_refsource_CONFIRM
7828
vdb-entry
x_refsource_OSVDB
MS98-016
vendor-advisory
x_refsource_MS
Q168617
vendor-advisory
x_refsource_MSKB
ie-dotless(2209)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now