Unrated severityNVD Advisory· Published Dec 31, 1999· Updated Jun 16, 2026
CVE-1999-1246
CVE-1999-1246
Description
Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.
Affected products
2cpe:2.3:a:microsoft:site_server:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:site_server:3.0:*:*:*:*:*:*:*
- (no CPE)range: = 3.0
Patches
Vulnerability mechanics
References
2- support.microsoft.com/support/kb/articles/Q229/9/72.aspnvdPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/2068nvd
News mentions
0No linked articles in our index yet.