CVE Catalog
CVE-1999-0870
LowExploitation Probability (EPSS)
Very high risk12.54%
96th percentile — higher than 96% of all known CVEs
Summary
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, known as untrusted scripted paste.
Risk Assessment
Attackers may gain access to sensitive data on the server, posing a serious threat to information security within the organization.
Recommendation
It is recommended to update Internet Explorer to the latest version or use alternative solutions to minimize the risk.
Original NVD description (English source)
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.

