Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-3270 — Uncontrolled Resource Consumption in Microsoft Internet Explorer

CWE-400 — Uncontrolled Resource Consumption5 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

41.5%

top 2.58%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Internet Explorer Apple Itunes Apple Itunes 12.6 FOR Windows

Timeline

PublishedSep 18

Latest updateMay 2

Description

Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDmicrosoft/internet_explorer7.0 — 7.0.6000.16711

▶Appleapple/itunes_12.6_for_windows

▶Appleapple/itunes12.6

🔴Vulnerability Details

GHSA

GHSA-73pf-mvfq-rghp: Microsoft Internet Explorer 7 through 7↗2022-05-02

▶

💥Exploits & PoCs

Exploit-DB

Multiple Browsers - 'window.print()' Denial of Service↗2010-05-04

▶

📋Vendor Advisories

Apple

CVE-2009-3270: iTunes 12.6 for Windows↗2017-03-21

▶

Apple

CVE-2009-3270: iTunes 12.6↗2017-03-21

▶