CVE-2009-0072 — Microsoft Internet Explorer vulnerability

2 documents2 sources

Severity

4.3MEDIUMNVD

EPSS

10.2%

top 6.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedJan 8

Latest updateMay 2

Description

Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote attackers to cause a denial of service (application crash) via an onload=screen[""] attribute value in a BODY element.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer6, 7, 8+2

🔴Vulnerability Details

GHSA

GHSA-xc49-m3g9-p285: Microsoft Internet Explorer 6↗2022-05-02

▶