Lucene search

[email protected]CVE-2009-0075

HistoryFeb 10, 2009 - 10:30 p.m.

CVE-2009-0075

2009-02-1022:30:00

CWE-399

[email protected]

web.nvd.nist.gov

microsoft

internet explorer

cve-2009-0075

memory corruption

security vulnerability

remote code execution

7.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka “Uninitialized Memory Corruption Vulnerability.”

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq7

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	7

References

osvdb.org/51839

www.securityfocus.com/bid/33627

www.us-cert.gov/cas/techalerts/TA09-041A.html

www.vupen.com/english/advisories/2009/0389

www.zerodayinitiative.com/advisories/ZDI-09-011/

docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-002

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6000

www.exploit-db.com/exploits/8077

www.exploit-db.com/exploits/8079

www.exploit-db.com/exploits/8080

www.exploit-db.com/exploits/8082

7.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Related for CVE-2009-0075

saint4 seebug1 checkpoint_advisories3 packetstorm1 canvas1 prion2 securityvulns3 zdi1 mskb1 cve1 nessus1 openvas2