Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-1489 — Missing Release of Memory after Effective Lifetime in Microsoft IE

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
12.5%
top 6.05%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft IE
Timeline
PublishedDec 31
Latest updateApr 30

Description

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

â–¶NVDmicrosoft/ie6

🔴Vulnerability Details

2
GHSA
GHSA-rjxw-5c3j-xv84: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large numbe↗2022-04-30
â–¶
CVEList
CVE-2001-1489: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large numbe↗2005-06-21
â–¶

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 6.0 / Mozilla 0.9.6 / Opera 5.1 - Image Count Denial of Service↗2001-12-11
â–¶
CVE-2001-1489 — Microsoft IE vulnerability | cvebase