CVE-2001-1489

Microsoft Internet Explorer 6 - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1489.

AI-analyzed exploit summary This exploit leverages a denial-of-service vulnerability in multiple web browsers on Microsoft Windows by generating an excessive number of image tags via JavaScript, causing resource exhaustion. The script dynamically writes 100 million image tags, overwhelming the browser's ability to process them.

Description

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.

Exploits (1)

exploitdb WORKING POC
dosmultiple
https://www.exploit-db.com/exploits/21181

This exploit leverages a denial-of-service vulnerability in multiple web browsers on Microsoft Windows by generating an excessive number of image tags via JavaScript, causing resource exhaustion. The script dynamically writes 100 million image tags, overwhelming the browser's ability to process them.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Multiple web browsers on Microsoft Windows (specific versions not specified)
No auth needed
Prerequisites: Victim must visit a webpage containing the malicious script
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7709
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/245152
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3684

Scores

EPSS 0.1766
EPSS Percentile 96.8%

Details

Status published
Products (1)
microsoft/ie 6 windows_server_2003_sp1
Published Dec 31, 2001
Tracked Since Feb 18, 2026