Unrated severityNVD Advisory· Published Aug 3, 2009· Updated Jun 16, 2026
CVE-2009-2655
CVE-2009-2655
Description
mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) by calling the JavaScript findText method with a crafted Unicode string in the first argument, and only one additional argument, as demonstrated by a second argument of -1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
- (no CPE)range: 7, 8
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.