Lucene search

[email protected]CVE-2007-0811

HistoryFeb 07, 2007 - 11:28 a.m.

CVE-2007-0811

2007-02-0711:28:00

[email protected]

web.nvd.nist.gov

cve-2007-0811

microsoft internet explorer

denial of service

nvd

vulnerability

javascript

getelementbyid

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.926 High

EPSS

Percentile

99.0%

JSON

Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById.

Affected configurations

NVD

Node

microsoftieMatch6windows_2000

microsoftieMatch6.0sp2windows_xp

CPENameOperatorVersion
microsoft:iemicrosoft ieeq6
microsoft:iemicrosoft ieeq6.0

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	6
microsoft:ie	microsoft ie	eq	6.0

References

osvdb.org/37636

www.powerhacker.net/exploit/IE_NULL_CRASH.html

www.securityfocus.com/bid/22408

www.exploit-db.com/exploits/3272

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.926 High

EPSS

Percentile

99.0%

JSON

Related for CVE-2007-0811

nvd1 cvelist1 prion1