CVE-2009-2668

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 6.0.2900.2180 Microsoft Internet Explorer versions 7 through 7.0.6000.16473

Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by using an XML document composed of a long series of start-tags with no corresponding end-tags.

Recommendations For Microsoft Internet Explorer versions 6 through 6.0.2900.2180, update to a version later than 6.0.2900.2180 to resolve the issue. For Microsoft Internet Explorer versions 7 through 7.0.6000.16473, update to a version later than 7.0.6000.16473 to resolve the issue. As a temporary workaround, consider restricting the processing of XML documents with unbalanced tags to minimize the risk of exploitation.