CVE-2009-2954
Microsoft Internet Explorer < 6.0.2900.2180 - Denial of Service via Long Location Hash
Title source: llmDescription
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
http://websecurity.com.ua/3424/
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/506006/100/0/threaded
Scores
EPSS
0.1308
EPSS Percentile
95.9%
Details
CWE
CWE-20
Status
published
Products (43)
microsoft/internet_explorer
3.0
microsoft/internet_explorer
3.0.1
microsoft/internet_explorer
3.0.2
microsoft/internet_explorer
3.1
microsoft/internet_explorer
3.2
microsoft/internet_explorer
4.0
microsoft/internet_explorer
4.0.1 (3 CPE variants)
microsoft/internet_explorer
4.01 (2 CPE variants)
microsoft/internet_explorer
4.1
microsoft/internet_explorer
4.5
... and 33 more
Published
Aug 24, 2009
Tracked Since
Feb 18, 2026