The likelihood of this bug being exploited is damn low. It requires the download of an HTML file, and then the target would have to double-click it. On top of that, the consequences of it are not that you provided your answer as to why the bug only got $1000