Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and Internet Explorer 7 on Vista, allows remote malicious users to cause a denial of service (application crash) via JavaScript code that calls createElement to create an instance of the LI element, and then calls setAttribute to set the value attribute.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet_explorer 6 |
||
microsoft internet_explorer 7 |