Lucene search

K
saintSAINT CorporationSAINT:D35B4ED36E076097AD69F61237701D5F
HistoryFeb 23, 2009 - 12:00 a.m.

Internet Explorer deleted object memory corruption

2009-02-2300:00:00
SAINT Corporation
www.saintcorporation.com
7

0.974 High

EPSS

Percentile

99.9%

Added: 02/23/2009
CVE: CVE-2009-0075
BID: 33627
OSVDB: 51839

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.

Problem

A memory corruption vulnerability allows command execution when a user opens a specially crafted web page which causes a deleted object to be accessed.

Resolution

Install the patch referenced in Microsoft Security Bulletin 09-002.

References

<http://www.microsoft.com/technet/security/bulletin/ms09-002.mspx&gt;

Limitations

Exploit works on Internet Explorer 7 and requires a user to load the exploit page.

Due to the nature of the vulnerability, the success of this exploit depends on the state of the target system.

Platforms

Windows XP

0.974 High

EPSS

Percentile

99.9%