CVE-2010-1991

2010-05-2017:30:01

CWE-399

[email protected]

web.nvd.nist.gov

microsoft

internet explorer

cve-2010-1991

denial of service

remote attackers

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.5%

JSON

Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.

Affected configurations

NVD

Node

microsoftieMatch8.0.7600.16385

microsoftinternet_explorerMatch6.0.2900.2180

microsoftinternet_explorerMatch7

microsoftinternet_explorerMatch7.0

CPENameOperatorVersion
microsoft:iemicrosoft ieeq8.0.7600.16385
microsoft:internet_explorermicrosoft internet explorereq6.0.2900.2180
microsoft:internet_explorermicrosoft internet explorereq7
microsoft:internet_explorermicrosoft internet explorereq7.0

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	8.0.7600.16385
microsoft:internet_explorer	microsoft internet explorer	eq	6.0.2900.2180
microsoft:internet_explorer	microsoft internet explorer	eq	7
microsoft:internet_explorer	microsoft internet explorer	eq	7.0