CVE-1999-0877

Internet Explorer 5 - Unauthenticated Exposure of Sensitive Information via IFRAME ExecCommand

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0877. PoCs published by Georgi Guninski.

AI-analyzed exploit summary This exploit leverages a vulnerability in Internet Explorer 5.0 where the document.execCommand method, when called from within an IFRAME, can bypass security restrictions to read local files. The PoC demonstrates reading the contents of a local file (c:\test.txt) and potentially executing arbitrary code via an expression.

Description

Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Georgi Guninski · textremotewindows
https://www.exploit-db.com/exploits/19539

This exploit leverages a vulnerability in Internet Explorer 5.0 where the document.execCommand method, when called from within an IFRAME, can bypass security restrictions to read local files. The PoC demonstrates reading the contents of a local file (c:\test.txt) and potentially executing arbitrary code via an expression.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4, Internet Explorer 4.0.1 for Windows 98/Windows NT 4.0/Unix 5.0
No auth needed
Prerequisites: Victim must visit a malicious webpage · Local file (c:\test.txt) must exist
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory vendor-advisory x_refsource_mskb
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ243638

Scores

EPSS 0.1767
EPSS Percentile 96.8%

Details

CWE
CWE-200
Status published
Products (2)
microsoft/internet_explorer 4.01 (2 CPE variants)
microsoft/internet_explorer 5.0
Published Oct 01, 1999
Tracked Since Feb 18, 2026