CVE-2010-1991

CWE-3993 documents3 sources
Severity
5.0MEDIUM
EPSS
13.7%
top 5.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedMay 20
Latest updateMay 13

Description

Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDmicrosoft/internet_explorer6.0.2900.2180, 7, 7.0+2
NVDmicrosoft/ie8.0.7600.16385

🔴Vulnerability Details

2
GHSA
GHSA-55mp-fxfv-hr5j: Microsoft Internet Explorer 62022-05-13
CVEList
CVE-2010-1991: Microsoft Internet Explorer 62010-05-20
CVE-2010-1991 (MEDIUM CVSS 5) | Microsoft Internet Explorer 6.0.290 | cvebase.io