1. Home
  2. CVE Database
  3. CVE-2004-1922
LOW · 2.6

CVE-2004-1922

Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of servic...

Vulnerability Description

Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size.

CVSS Score

2.6

LOW

AV:N/AC:H/Au:N/C:N/I:N/A:P
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL

Affected Products

VendorProductVersions
MicrosoftInternet Explorer5.5

References

FAQ

What is CVE-2004-1922?

CVE-2004-1922 is a vulnerability with a CVSS score of 2.6 (LOW). Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of servic...

How severe is CVE-2004-1922?

CVE-2004-1922 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2004-1922?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Internet Explorer.