CVE-2010-1991

Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.

Published: May 20, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-1991
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
microsoft / ie	8.0.7600.16385	8.0.7600.16385.x
microsoft / internet_explorer	7	7.x
microsoft / internet_explorer	6.0.2900.2180	6.0.2900.2180.x
microsoft / internet_explorer	7.0	7.0.x

http://websecurity.com.ua/4206/
http://www.securityfocus.com/archive/1/511327/100/0/threaded

Vulnerability Database

289,599

CVE-2010-1991