← CVECheck
HomeVulnerabilities

CVE-2004-1922 — LOW severity vulnerability (Microsoft Internet Explorer 5.5 and 6.0 allocates memory bas)

Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size.

CVE IDCVE-2004-1922
SeverityLOW
CVSS score2.6
CVSS vectorAV:N/AC:H/Au:N/C:N/I:N/A:P
CWENVD-CWE-Other
StatusModified
Published2004-04-11
Last modified2026-04-16
DescriptionMicrosoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a large memory size.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →