Vulnerability in Microsoft Ie

CVE-2010-2118

Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.

EPSS: 0.101 (95.0th percentile) — read the EPSS interpretation.

Affected products

Microsoft Ie — versions 8.0.7600.16385
Microsoft Internet_explorer — versions 6.0.2900.2180
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)