Vulnerabilities > CVE-2010-2118 - Resource Management Errors vulnerability in Microsoft IE and Internet Explorer

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

microsoft

CWE-399

NVD

Published: 2010-06-01

Updated: 2021-07-23

Summary

Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Internet Explorer 6.0.2900.2180 Microsoft IE 8.0.7600.16385	2

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://websecurity.com.ua/4238/
http://www.securityfocus.com/archive/1/511509/100/0/threaded