Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
Threat-Mapped Scoring
Score: 1.5
Priority: P4 - Informational (Low)
EPSS
Score: 0.5977Percentile:
0.98145
CVSS Scoring
CVSS v3.1 Score: 7.8
Severity: HIGH
Mapped CWE(s)
Affected Products
cpe:2.3:a:microsoft:internet_explorer:5.01:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.01:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:-:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2000:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2000:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2000:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98se:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:terminal_server:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:workstation:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me