DoS vulnerability in Internet Explorer

2009.11.18
Credit: MustLive
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

I want to warn you about Denial of Service vulnerability in Internet Explorer. Yesterday I already informed Microsoft. This attack I called DoS via homepage. DoS: http://websecurity.com.ua/uploads/2009/IE%20DoS%20Exploit10.html With this exploit in IE6 the browser blocks, so it's become impossible to use it and it's only possible to close it (via Task Manager). With this exploit in IE7 the browser freezes after click on the link . Vulnerable versions are Internet Explorer 6 (6.0.2900.2180), Internet Explorer 7 (7.0.6000.16711) and previous versions (and possible next versions too). I mentioned about this vulnerability at my site (http://websecurity.com.ua/3658/). Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua

References:

http://www.securityfocus.com/archive/1/archive/1/507760/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/507731/100/0/threaded
http://websecurity.com.ua/3658/


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top