VYPR
Unrated severityNVD Advisory· Published Aug 3, 2009· Updated Jun 16, 2026

CVE-2009-2655

CVE-2009-2655

Description

mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) by calling the JavaScript findText method with a crafted Unicode string in the first argument, and only one additional argument, as demonstrated by a second argument of -1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
    • (no CPE)range: 7, 8

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.