Lucene search
HistoryAug 24, 2009 - 3:30 p.m.
CVE-2009-2954
microsoft
internet explorer
cve-2009-2954
javascript
denial of service
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.7 Medium
AI Score
Confidence
Low
0.026 Low
EPSS
Percentile
90.3%
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.
Affected configurations
Node
microsoftinternet_explorerRangeβ€6.0.2900.2180
ORmicrosoftinternet_explorerMatch3.0
ORmicrosoftinternet_explorerMatch3.0.1
ORmicrosoftinternet_explorerMatch3.0.2
ORmicrosoftinternet_explorerMatch3.1
ORmicrosoftinternet_explorerMatch3.2
ORmicrosoftinternet_explorerMatch4.0
ORmicrosoftinternet_explorerMatch4.0.1
ORmicrosoftinternet_explorerMatch4.0.1sp1
ORmicrosoftinternet_explorerMatch4.0.1sp2
ORmicrosoftinternet_explorerMatch4.01
ORmicrosoftinternet_explorerMatch4.1
ORmicrosoftinternet_explorerMatch4.01sp1
ORmicrosoftinternet_explorerMatch4.5
ORmicrosoftinternet_explorerMatch4.40.308
ORmicrosoftinternet_explorerMatch4.40.520
ORmicrosoftinternet_explorerMatch4.70.1155
ORmicrosoftinternet_explorerMatch4.70.1158
ORmicrosoftinternet_explorerMatch4.70.1215
ORmicrosoftinternet_explorerMatch4.70.1300
ORmicrosoftinternet_explorerMatch4.71.544
ORmicrosoftinternet_explorerMatch4.71.1008.3
ORmicrosoftinternet_explorerMatch4.71.1712.6
ORmicrosoftinternet_explorerMatch4.72.2106.8
ORmicrosoftinternet_explorerMatch4.72.3110.8
ORmicrosoftinternet_explorerMatch4.72.3612.1713
ORmicrosoftinternet_explorerMatch5
ORmicrosoftinternet_explorerMatch5.0
ORmicrosoftinternet_explorerMatch5.0.1
ORmicrosoftinternet_explorerMatch5.0.1sp1
ORmicrosoftinternet_explorerMatch5.0.1sp2
ORmicrosoftinternet_explorerMatch5.0.1sp3
ORmicrosoftinternet_explorerMatch5.0.1sp4
ORmicrosoftinternet_explorerMatch5.00.0518.10
ORmicrosoftinternet_explorerMatch5.00.0910.1309
ORmicrosoftinternet_explorerMatch5.00.2014.0216
ORmicrosoftinternet_explorerMatch5.00.2314.1003
ORmicrosoftinternet_explorerMatch5.00.2516.1900
ORmicrosoftinternet_explorerMatch5.00.2614.3500
ORmicrosoftinternet_explorerMatch5.00.2919.800
ORmicrosoftinternet_explorerMatch5.00.2919.3800
ORmicrosoftinternet_explorerMatch5.00.2919.6307
ORmicrosoftinternet_explorerMatch5.00.2920.0000
ORmicrosoftinternet_explorerMatch5.00.3103.1000
ORmicrosoftinternet_explorerMatch5.00.3105.0106
ORmicrosoftinternet_explorerMatch5.00.3314.2101
ORmicrosoftinternet_explorerMatch5.00.3315.1000
ORmicrosoftinternet_explorerMatch5.00.3502.1000
ORmicrosoftinternet_explorerMatch5.00.3700.1000
ORmicrosoftinternet_explorerMatch5.01
ORmicrosoftinternet_explorerMatch5.1
ORmicrosoftinternet_explorerMatch5.01sp1
ORmicrosoftinternet_explorerMatch5.01sp2
ORmicrosoftinternet_explorerMatch5.01sp3
ORmicrosoftinternet_explorerMatch5.01sp4
ORmicrosoftinternet_explorerMatch5.2.3
ORmicrosoftinternet_explorerMatch5.5
ORmicrosoftinternet_explorerMatch5.5preview
ORmicrosoftinternet_explorerMatch5.5sp1
ORmicrosoftinternet_explorerMatch5.5sp2
ORmicrosoftinternet_explorerMatch5.50.3825.1300
ORmicrosoftinternet_explorerMatch5.50.4030.2400
ORmicrosoftinternet_explorerMatch5.50.4134.0100
ORmicrosoftinternet_explorerMatch5.50.4134.0600
ORmicrosoftinternet_explorerMatch5.50.4308.2900
ORmicrosoftinternet_explorerMatch5.50.4522.1800
ORmicrosoftinternet_explorerMatch5.50.4807.2300
ORmicrosoftinternet_explorerMatch6
ORmicrosoftinternet_explorerMatch6.0
ORmicrosoftinternet_explorerMatch6.00.2462.0000
ORmicrosoftinternet_explorerMatch6.00.2479.0006
ORmicrosoftinternet_explorerMatch6.0.2600
ORmicrosoftinternet_explorerMatch6.00.2600.0000
ORmicrosoftinternet_explorerMatch6.0.2800
ORmicrosoftinternet_explorerMatch6.0.2800.1106
ORmicrosoftinternet_explorerMatch6.0.2900
Related
cvelist
cvelist
prion
prion
Design/Logic Flaw
2009-08-24 15:30:00
Code injection
2008-12-24 18:29:00
Design/Logic Flaw
2009-08-24 15:30:00
nvd
nvd
openvas
openvas
Microsoft Internet Explorer 'location.hash' DOS Vulnerability
2009-08-26 00:00:00
Microsoft Internet Explorer 'location.hash' DOS Vulnerability
2009-08-26 00:00:00
Mozilla Firefox location.hash Remote DoS Vulnerability
2008-12-29 00:00:00
ubuntucve
ubuntucve
CVE-2008-5715
2008-12-24 00:00:00
CVE-2009-2953
2009-08-24 00:00:00
seebug
seebug
Mozilla Firefox location.hashθΏη¨ζη»ζε‘ζΌζ΄
2008-12-30 00:00:00
cve
cve
redhatcve
redhatcve
CVE-2008-5715
2015-10-30 09:18:19
debiancve
debiancve
CVE-2009-2955
2009-08-24 15:30:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.7 Medium
AI Score
Confidence
Low
0.026 Low
EPSS
Percentile
90.3%
Related for CVE-2009-2954