CVE-2010-2118

CWE-3994 documents4 sources
Severity
4.3MEDIUM
EPSS
12.9%
top 5.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedJun 1
Latest updateMay 13

Description

Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDmicrosoft/internet_explorer6.0.2900.2180
NVDmicrosoft/ie8.0.7600.16385

🔴Vulnerability Details

2
GHSA
GHSA-8h5f-fg8r-h935: Microsoft Internet Explorer 62022-05-13
CVEList
CVE-2010-2118: Microsoft Internet Explorer 62010-06-01

💥Exploits & PoCs

1
Exploit-DB
AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Remote Buffer Overflow2000-12-12
CVE-2010-2118 (MEDIUM CVSS 4.3) | Microsoft Internet Explorer 6.0.290 | cvebase.io