Lucene search

[email protected]CVE-2009-0076

HistoryFeb 10, 2009 - 10:30 p.m.

CVE-2009-0076

2009-02-1022:30:00

CWE-399

[email protected]

web.nvd.nist.gov

microsoft

internet explorer

cve-2009-0076

css

memory corruption

vulnerability

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.836 High

EPSS

Percentile

98.4%

JSON

Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka “CSS Memory Corruption Vulnerability.”

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq7

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	7

References

www.us-cert.gov/cas/techalerts/TA09-041A.html

www.vupen.com/english/advisories/2009/0389

www.zerodayinitiative.com/advisories/ZDI-09-012/

docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-002

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6081

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.836 High

EPSS

Percentile

98.4%

JSON

Related for CVE-2009-0076

checkpoint_advisories2 securityvulns3 prion1 seebug1 zdi1 openvas2 mskb1 nessus1