CVE-2004-1922 — Microsoft Internet Explorer vulnerability

6 documents6 sources

Severity

2.6LOWNVD

EPSS

5.1%

top 10.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedApr 11

Latest updateApr 29

Description

Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer5.5, 6.0+1

🔴Vulnerability Details

GHSA

GHSA-wcj2-4gw4-246h: Microsoft Internet Explorer 5↗2022-04-29

▶

CVEList

CVE-2004-1922: Microsoft Internet Explorer 5↗2005-05-10

▶

💥Exploits & PoCs

Exploit-DB

Shopware 5.2.5/5.3 - Cross-Site Scripting↗2018-01-21

▶

📋Vendor Advisories

Red Hat

kvm: qemu-nbd block format auto-detection vulnerability↗2013-04-15

▶

💬Community

Bugzilla

CVE-2013-1922 qemu, qemu-kvm, kvm: qemu-nbd block format auto-detection vulnerability↗2013-03-19

▶