First published: Wed Dec 15 2004(Updated: )
Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Internet Explorer | =6.0-sp1 | |
Microsoft Internet Explorer | =6.0-sp2 | |
Internet Explorer | =6.0 | |
Microsoft Internet Explorer | =6.0-sp1 | |
Microsoft Internet Explorer | =6.0-sp2 | |
Internet Explorer | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2004-1198 has a severity rating that indicates it can lead to a denial of service impacting system availability.
To mitigate CVE-2004-1198, it is recommended to upgrade Microsoft Internet Explorer to a more recent and secure version.
CVE-2004-1198 affects Microsoft Internet Explorer version 6.0, specifically service packs 1 and 2.
CVE-2004-1198 is classified as a denial of service vulnerability caused by excessive memory consumption due to nested arrays in Javascript.
Yes, CVE-2004-1198 can be exploited remotely by attackers using malicious Javascript code.