PT-2004-2907 · Microsoft · Internet Explorer+1

Published

2004-12-31

Updated

2021-07-23

CVE-2004-2011

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Internet Explorer version 6.0.2600.0

Description The issue allows remote attackers to cause a denial of service, resulting in a crash, by exploiting a parsing error in msxml3.dll. This error is triggered by a single & (ampersand) in a link, possibly due to missing portions of the URI.

Recommendations For Internet Explorer version 6.0.2600.0, consider avoiding the use of single & (ampersand) characters in links to prevent the parsing error until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2011

Affected Products

Internet Explorer

Msxml3.Dll

PT-2004-2907 · Microsoft · Internet Explorer+1

CVE-2004-2011

Related Identifiers

Affected Products

References · 3