CVE-2006-0830 — Infinite Loop in Microsoft Internet Explorer

2 documents2 sources

Severity

7.5HIGHNVD

EPSS

21.8%

top 4.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedFeb 21

Latest updateMay 1

Description

The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetting the "location" variable within the loop.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer6.0.2900

🔴Vulnerability Details

GHSA

GHSA-p6m5-7rpv-gjcj: The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary c↗2022-05-01

▶