CVE-2010-2118

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6.0.2900.2180 through 8.0.7600.16385

Description The issue allows remote attackers to cause a denial of service due to resource consumption. This is achieved through JavaScript code that contains an infinite loop, which creates IFRAME elements for invalid news:// URIs.

Recommendations For Microsoft Internet Explorer versions 6.0.2900.2180 through 8.0.7600.16385, consider disabling JavaScript execution until a patch is available to prevent exploitation. Restrict access to news:// URIs in the browser to minimize the risk of resource consumption.