Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1705Microsoft Internet Explorer vulnerability

4 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
39.9%
top 2.66%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedDec 31
Latest updateApr 30

Description

Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-5cfv-5qf6-jmcq: Microsoft Internet Explorer 52022-04-30

💥Exploits & PoCs

2
Exploit-DB
Microsoft Internet Explorer 5/6 - CSSText Bold Font Denial of Service2002-06-15
Exploit-DB
Cisco Secure ACS for Windows NT 2.42 - Remote Buffer Overflow2000-09-21
CVE-2002-1705 — Microsoft vulnerability | cvebase