Vulnerabilities > CVE-2009-2668 - Resource Management Errors vulnerability in Microsoft Internet Explorer 6/7

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

microsoft

CWE-399

NVD

Published: 2009-08-05

Updated: 2009-08-06

Summary

Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16473 allows remote attackers to cause a denial of service (CPU consumption) via an XML document composed of a long series of start-tags with no corresponding end-tags, a related issue to CVE-2009-1232.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 6 Microsoft Internet Explorer 7	2

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://archives.neohapsis.com/archives/bugtraq/2009-07/0193.html
http://websecurity.com.ua/3216/