CVE-2010-2118 - Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a deni

CVE-2010-2118

Summary

Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.

References

Vulnerable Configurations

cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0.2900.2180:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:8.0.7600.16385:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:8.0.7600.16385:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 23-07-2021 - 15:04)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

refmap via4

bugtraq	20100528 [Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera
misc	http://websecurity.com.ua/4238/

Last major update

23-07-2021 - 15:04

Published

01-06-2010 - 20:30

Last modified

23-07-2021 - 15:04