CVE-2009-3270

Microsoft Internet Explorer 7.0-7.0.6000.16711 - Denial of Service via window.print Function Loop

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3270. PoCs published by Dr_IDE.

AI-analyzed exploit summary This exploit leverages a Denial of Service (DoS) vulnerability in Firefox 3.6.3 and Safari 4.0.5 by recursively calling window.print() and window.open() in an error handler, causing the browser to crash or become unresponsive.

Description

Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dr_IDE · htmldososx
https://www.exploit-db.com/exploits/12509

This exploit leverages a Denial of Service (DoS) vulnerability in Firefox 3.6.3 and Safari 4.0.5 by recursively calling window.print() and window.open() in an error handler, causing the browser to crash or become unresponsive.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Firefox 3.6.3, Safari 4.0.5
No auth needed
Prerequisites: User interaction to load the malicious HTML page
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory x_refsource_misc
http://websecurity.com.ua/2872/
Broken Link, Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/506328/100/100/threaded
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/79354

Scores

EPSS 0.2823
EPSS Percentile 97.9%

Details

CWE
CWE-400
Status published
Products (1)
microsoft/internet_explorer 7.0 - 7.0.6000.16711
Published Sep 18, 2009
Tracked Since Feb 18, 2026