CVE-2003-1275

Pocket Internet Explorer 3.0 - Denial of Service via Recursive innerHTML Function

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1275. PoCs published by Christopher Sogge Røtnes.

AI-analyzed exploit summary This exploit demonstrates a denial of service vulnerability in Pocket Internet Explorer (PIE) by using maliciously crafted JavaScript code to crash the browser when a user interacts with a specific link.

Description

Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Christopher Sogge Røtnes · htmldoswindows
https://www.exploit-db.com/exploits/22119

This exploit demonstrates a denial of service vulnerability in Pocket Internet Explorer (PIE) by using maliciously crafted JavaScript code to crash the browser when a user interacts with a specific link.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Pocket Internet Explorer (PIE)
No auth needed
Prerequisites: Victim must visit a maliciously crafted web page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2003-01/0013.html
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6507
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/11004.php

Scores

EPSS 0.1670
EPSS Percentile 96.6%

Details

Status published
Products (1)
microsoft/pocket_ie 3.0
Published Dec 31, 2003
Tracked Since Feb 18, 2026