CVE-2004-1922

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.5 through 6.0

Description The issue allows remote attackers to cause a denial of service due to memory consumption. This is achieved by using a small BMP file that has a large memory size, which causes the software to allocate memory based on the written memory size instead of the actual file size.

Recommendations For Microsoft Internet Explorer versions 5.5 through 6.0, consider avoiding the use of BMP files with large memory sizes until a fix is available. As a temporary workaround, restrict access to potentially malicious BMP files to minimize the risk of exploitation.