CVE-2004-2011 — Microsoft Internet Explorer vulnerability

15 documents5 sources
Severity
2.6LOWNVD
EPSS
9.5%
top 7.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedDec 31
Latest updateApr 29

Description

msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a link, which triggers a parsing error, possibly due to missing portions of the URI.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

â–¶NVDmicrosoft/internet_explorer6.0.2600

🔴Vulnerability Details

1
GHSA
GHSA-v8mh-rhjf-h2w7: msxml3↗2022-04-29
â–¶

💥Exploits & PoCs

4
Exploit-DB
Beckhoff TwinCAT 2.11.0.2004 - Denial of Service↗2011-09-14
â–¶
Exploit-DB
Zinf Audio Player 2.2.1 - '.pls' Local Buffer Overflow (DEP Bypass)↗2011-08-03
â–¶
Exploit-DB
Adobe Reader 5.1 - XFDF Buffer Overflow (SEH)↗2011-07-04
â–¶
Exploit-DB
Microsoft Host Integration Server 2004-2010 - Remote Denial of Service↗2011-04-11
â–¶

📋Vendor Advisories

1
Red Hat
libpng: regression of CVE-2004-0421 in 1.2.23+↗2011-06-07
â–¶

💬Community

6
Bugzilla
CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+ [epel-6]↗2011-06-29
â–¶
Bugzilla
CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+ [fedora-all]↗2011-06-29
â–¶
Bugzilla
CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+ [epel-5]↗2011-06-29
â–¶
Bugzilla
CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+ [fedora-all]↗2011-06-29
â–¶
Bugzilla
CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+↗2011-06-27
â–¶
CVE-2004-2011 — Microsoft vulnerability | cvebase