Vulnerabilities > CVE-2004-2011 - Unspecified vulnerability in Microsoft Internet Explorer 6.0.2600

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

high complexity

microsoft

NVD

Published: 2004-12-31

Updated: 2021-07-23

Summary

msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a <Ref href> link, which triggers a parsing error, possibly due to missing portions of the URI.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 6.0.2600	1

References

http://marc.info/?l=bugtraq&m=108422549617947&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/16112