Denial of Service Vulnerability in Microsoft Internet Explorer
CVE-2010-1991

Currently unrated

Key Information:

Vendor: Microsoft
Status: Ie; Internet Explorer
Vendor: CVE Published:; 20 May 2010

What is CVE-2010-1991?

A vulnerability in Microsoft Internet Explorer versions 6 through 8 allows remote attackers to execute a mail application inadvertently due to the misconfiguration of IFRAME elements containing 'mailto:' URLs. An attacker can exploit this flaw by delivering an HTML document with numerous IFRAME elements, leading to a denial of service through excessive application launches.

References

http://websecurity.com.ua/4206/

x_refsource_MISC

http://www.securityfocus.com/archive/1/511327/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

13% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2010
Vulnerability Reserved
May 20, 2010