Lucene search
MicrosoftCVELIST:CVE-2009-0550HistoryApr 15, 2009 - 3:49 a.m.
CVE-2009-0550
2009-04-1503:49:00
microsoft
raw.githubusercontent.com
1
Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008; allows remote web servers to capture and replay NTLM credentials, and execute arbitrary code, via vectors related to absence of a โcredential-reflection protectionsโ opt-in step, aka โWindows HTTP Services Credential Reflection Vulnerabilityโ and โWinINet Credential Reflection Vulnerability.โ
CNA Affected
[
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]Related
saint
saint
Internet Explorer WinINet credential reflection vulnerability
2009-05-04 00:00:00
Internet Explorer WinINet credential reflection vulnerability
2009-05-04 00:00:00
Internet Explorer WinINet credential reflection vulnerability
2009-05-04 00:00:00
seebug
seebug
checkpoint_advisories
checkpoint_advisories
prion
prion
Design/Logic Flaw
2009-04-15 08:00:00
cve
cve
CVE-2009-0550
2009-04-15 08:00:00
nvd
nvd
NVD:CVE-2009-0550
2009-04-15 08:00:00
openvas
openvas
securityvulns
securityvulns
nessus
nessus
threatpost
threatpost
Microsoft plugs gaping holes in IE, Excel, Windows
2009-04-14 17:56:32
mskb
mskb
MS09-014: Cumulative security update for Internet Explorer
2012-07-18 16:19:51