cpe:/a:microsoft:ie:4.0.1 cpe:/a:microsoft:ie:4.0.1:sp1 CVE-1999-0870 1998-10-01T00:00:00.000-04:00 2008-09-09T08:36:04.290-04:00 2.6 NETWORK HIGH NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 MS MS98-015 Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.