CVE-2002-1714

Microsoft IE - Denial of Service

Title source: rule

Description

Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Matthew Murphy · htmldoswindows

https://www.exploit-db.com/exploits/21404

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/268776

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/4564

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/8904

Scores

EPSS 0.1973

EPSS Percentile 95.5%

Details

Status published

Products (4)

microsoft/ie 6.0 sp1

microsoft/internet_explorer 5.0

microsoft/internet_explorer 5.5 (3 CPE variants)

microsoft/internet_explorer 6.0

Published Dec 31, 2002

Tracked Since Feb 18, 2026