CVE-1999-1453

Internet Explorer 4 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1453. PoCs published by Juan Carlos Garcia Cuartango.

AI-analyzed exploit summary This exploit leverages the Microsoft Forms 2.0 TextBox ActiveX object to bypass security restrictions and access clipboard data without user knowledge. The PoC demonstrates how clipboard content can be exfiltrated to a web form via JavaScript.

Description

Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Juan Carlos Garcia Cuartango · textremotewindows
https://www.exploit-db.com/exploits/19164

This exploit leverages the Microsoft Forms 2.0 TextBox ActiveX object to bypass security restrictions and access clipboard data without user knowledge. The PoC demonstrates how clipboard content can be exfiltrated to a web form via JavaScript.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Forms 2.0 TextBox ActiveX (via Visual Basic 5.0, Project 98, Outlook 98, or Office 97)
No auth needed
Prerequisites: Microsoft Forms 2.0 TextBox ActiveX installed (via VB5, Project 98, Outlook 98, or Office 97) · User visits a malicious webpage
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Mailing List mailing-list x_refsource_ntbugtraq
http://marc.info/?l=ntbugtraq&m=91979439932341&w=2
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/215

Scores

EPSS 0.1122
EPSS Percentile 95.4%

Details

Status published
Products (1)
microsoft/internet_explorer 4.0
Published Feb 02, 1999
Tracked Since Feb 18, 2026