VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 24, 2009· Updated Apr 23, 2026

CVE-2009-2954

CVE-2009-2954

Description

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU consumption and application hang) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.

Affected products

76
  • Microsoft/Internet Explorer76 versions
    cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*+ 75 more
    • cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*range: <=6.0.2900.2180
    • cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.01:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.01:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.0.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.40.308:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.40.520:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.70.1155:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.70.1158:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.70.1215:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.70.1300:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.71.1008.3:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.71.1712.6:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.71.544:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.72.2106.8:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.72.3110.8:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:4.72.3612.1713:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.0518.10:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.0910.1309:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2014.0216:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2314.1003:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2516.1900:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2614.3500:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2919.3800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2919.6307:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2919.800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.2920.0000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3103.1000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3105.0106:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3314.2101:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3315.1000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3502.1000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.00.3700.1000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.3825.1300:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4030.2400:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0100:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4134.0600:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4308.2900:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4522.1800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.50.4807.2300:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:preview:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.2462.0000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.2479.0006:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.00.2600.0000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2600:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2800:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2800.1106:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.