Vulnerabilities > CVE-2006-0830 - Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2006-02-21

Updated: 2021-07-23

Summary

The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetting the "location" variable within the loop.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 6.0.2900	1

References

http://www.securityfocus.com/archive/1/425378/100/0/threaded
http://www.securityfocus.com/bid/16687
https://exchange.xforce.ibmcloud.com/vulnerabilities/24788
http://www.securityfocus.com/archive/1/425283/100/0/threaded