CVE-2004-1922
low
Microsoft CVSS v3 Base Score
2.6
AV:N/AC:H/Au:N/C:N/I:N/A:P
EPSS Score
5.1%
Exploitation probability in 30 days
Top 10% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Confidentiality
None
Integrity
None
Availability
P
Published: April 11, 2004 (8068 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD
Vulnerability Report
Generated by CyberWatcher
Description
Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size.
CWE
NVD-CWE-OtherAffected Products
microsoft internet explorer