Denial of Service Vulnerability in Microsoft Internet Explorer
CVE-2009-2576

Currently unrated

Key Information:

Vendor: Microsoft
Status: Ie; Internet Explorer
Vendor: CVE Published:; 22 July 2009

Summary

Microsoft Internet Explorer versions 6.0.2900.2180 and earlier, as well as versions 7.0.6000.16473 and earlier, are susceptible to a denial of service attack. This vulnerability arises when specifically crafted long Unicode string arguments are passed to the write method, leading to excessive CPU and memory consumption. Attackers can exploit this weakness to disrupt user access and cripple browser functionality, creating significant usability issues.

References

http://websecurity.com.ua/3338/

x_refsource_MISC

http://archives.neohapsis.com/archives/bugtraq/2009-07/01...

mailing-listx_refsource_BUGTRAQ

http://archives.neohapsis.com/archives/bugtraq/2009-07/01...

mailing-listx_refsource_BUGTRAQ

EPSS Score

30% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 22, 2009
Vulnerability Reserved
Jul 22, 2009