Description
Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Oleg A. Cheremisin · textdoswindows
https://www.exploit-db.com/exploits/21556
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/277140/2002-12-07/2002-12-13/2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/9367
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/277133
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5027
Scores
EPSS
0.3989
EPSS Percentile
97.4%
Details
Status
published
Products (2)
microsoft/internet_explorer
5.5
microsoft/internet_explorer
6.0
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026