CVE-2009-3267

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 6.0.2900.2180 Microsoft Internet Explorer version 7.0.6000.16711

Description The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by submitting a form that contains a KEYGEN element. This results in excessive resource utilization.

Recommendations For Microsoft Internet Explorer versions 6 through 6.0.2900.2180, consider disabling the automatic submission of forms containing KEYGEN elements as a temporary workaround. For Microsoft Internet Explorer version 7.0.6000.16711, restrict access to forms with KEYGEN elements to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.