Lucene search
K

3 matches found

seebug.org
seebug.org
added 2009/12/12 12:0 a.m.30 views

Microsoft IE CSS竞争条件远程代码执行漏洞(MS09-072)

BUGTRAQ ID: 37212 CVE ID: CVE-2009-3673 Internet Explorer是Windows操作系统中默认捆绑的WEB浏览器。 在CSS两个元素之间快速的反复点击切换可能触发竞争条件,导致调用悬浮指针,这可以通过heap spray进一步利用。攻击者可以通过构建特制的网页来利用该漏洞,当用户查看网页时,该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 Microsoft Internet Explorer 8.0 Microsoft Internet Explorer 7.0 临时解决方法: 将Internet...

9.3CVSS6.4AI score0.2535EPSS
Exploits1
CVE
CVE
added 2009/12/09 6:0 p.m.63 views

CVE-2009-3673

Microsoft Internet Explorer 7/8 are affected by CVE-2009-3673 (Uninitialized Memory Corruption). A remote code execution vulnerability exists due to improper handling of memory for objects that are uninitialized or deleted, exploitable via a specially crafted web page and potentially via heap spr...

9.3CVSS7.4AI score0.2535EPSS
Exploits1References4Affected Software2
Check Point Advisories
Check Point Advisories
added 2009/12/08 12:0 a.m.6 views

Internet Explorer Page Refresh Uninitialized Memory Corruption (MS09-072; CVE-2009-3673)

Microsoft Internet Explorer is the most widely used Internet browser. A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. To trigge...

9.3CVSS6.9AI score0.2535EPSS
Exploits1
Rows per page
Query Builder