CVE-2009-2433

2009-07-1021:00:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

7.5

Confidence

High

EPSS

0.025

Percentile

90.3%

JSON

Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument.

Affected configurations

Nvd

Node

microsoftieMatch8.0b

microsoftinternet_explorerMatch7

microsoftinternet_explorerMatch7.0

microsoftinternet_explorerMatch7.0beta

microsoftinternet_explorerMatch7.0beta1

microsoftinternet_explorerMatch7.0beta2

microsoftinternet_explorerMatch7.0beta3

microsoftinternet_explorerMatch7.0.5730unknowngold

microsoftinternet_explorerMatch7.0.5730.11

microsoftinternet_explorerMatch7.00.5730.1100

microsoftinternet_explorerMatch7.00.6000.16386

microsoftinternet_explorerMatch7.00.6000.16441

microsoftinternet_explorerMatch8.0.6001

microsoftinternet_explorerMatch8.0.6001beta

VendorProductVersionCPE
microsoftie8.0bcpe:2.3:a:microsoft:ie:8.0b:*:*:*:*:*:*:*
microsoftinternet_explorer7cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
microsoftinternet_explorer7.0cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
microsoftinternet_explorer7.0cpe:2.3:a:microsoft:internet_explorer:7.0:beta:*:*:*:*:*:*
microsoftinternet_explorer7.0cpe:2.3:a:microsoft:internet_explorer:7.0:beta1:*:*:*:*:*:*
microsoftinternet_explorer7.0cpe:2.3:a:microsoft:internet_explorer:7.0:beta2:*:*:*:*:*:*
microsoftinternet_explorer7.0cpe:2.3:a:microsoft:internet_explorer:7.0:beta3:*:*:*:*:*:*
microsoftinternet_explorer7.0.5730cpe:2.3:a:microsoft:internet_explorer:7.0.5730:unknown:gold:*:*:*:*:*
microsoftinternet_explorer7.0.5730.11cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:*:*:*:*:*:*:*
microsoftinternet_explorer7.00.5730.1100cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	ie	8.0b	cpe:2.3:a:microsoft:ie:8.0b:::::::*
microsoft	internet_explorer	7	cpe:2.3:a:microsoft:internet_explorer:7:::::::*
microsoft	internet_explorer	7.0	cpe:2.3:a:microsoft:internet_explorer:7.0:::::::*
microsoft	internet_explorer	7.0	cpe:2.3:a:microsoft:internet_explorer:7.0:beta::::::
microsoft	internet_explorer	7.0	cpe:2.3:a:microsoft:internet_explorer:7.0:beta1::::::
microsoft	internet_explorer	7.0	cpe:2.3:a:microsoft:internet_explorer:7.0:beta2::::::
microsoft	internet_explorer	7.0	cpe:2.3:a:microsoft:internet_explorer:7.0:beta3::::::
microsoft	internet_explorer	7.0.5730	cpe:2.3:a:microsoft:internet_explorer:7.0.5730:unknown:gold:::::*
microsoft	internet_explorer	7.0.5730.11	cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11:::::::*
microsoft	internet_explorer	7.00.5730.1100	cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100:::::::*