CVE-2004-1922

Published: Apr 11, 2004Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size.

Affected (2)

Products: Microsoft: Internet Explorer

Microsoft

1 product

Internet Explorer

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Internet Explorer	Version 5.5
Microsoft Internet Explorer	Version 6.0

References (2)

http://marc.info/?l=bugtraq&m=108183130827872&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=108183130827872&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.