Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-0811Microsoft IE vulnerability

4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
46.9%
top 2.32%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft IE
Timeline
PublishedFeb 7
Latest updateMay 1

Description

Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDmicrosoft/ie6, 6.0+1

🔴Vulnerability Details

2
GHSA
GHSA-rfc6-x8j6-pfwg: Microsoft Internet Explorer 62022-05-01
CVEList
CVE-2007-0811: Microsoft Internet Explorer 62007-02-07

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 6 - 'mshtml.dll' Null Pointer Dereference2007-02-05