Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1714Microsoft IE vulnerability

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
19.7%
top 4.56%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedDec 31
Latest updateApr 30

Description

Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDmicrosoft/internet_explorer5.0, 5.5, 6.0+2
NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-vq33-xjhq-gcxv: Microsoft Internet Explorer 52022-04-30
CVEList
CVE-2002-1714: Microsoft Internet Explorer 52005-06-21

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service2002-04-20
CVE-2002-1714 — Microsoft IE vulnerability | cvebase