Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:12488
HistoryOct 19, 2009 - 12:00 a.m.

Microsoft IE deflate HTTP内容编码远程代码执行漏洞(MS09-054)

2009-10-1900:00:00
Root
www.seebug.org
8

0.956 High

EPSS

Percentile

99.2%

JSON

BUGTRAQ ID: 36622
CVE(CAN) ID: CVE-2009-1547

Internet Explorer是Windows操作系统中默认捆绑的WEB浏览器。

Internet Explorer的Content-Encoding:deflate实现中存在内存破坏漏洞,在特定情况下处理数据流头可以触发这个漏洞。攻击者可以通过构建特制的网页来利用该漏洞,当用户查看网页时,该漏洞可能允许远程执行代码。

Microsoft Internet Explorer 7.0
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 5.0.1 SP4
厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS09-054)以及相应补丁:
MS09-054:Cumulative Security Update for Internet Explorer (974455)
链接:http://www.microsoft.com/technet/security/Bulletin/MS09-054.mspx?pf=true


                                                HTTP/.\nContent-Encoding:deflate\r\t\n\r\n\x20\x20
HTTP \nContent-Encoding:deflate\nContent-Range:\n\n”

Related

packetstorm 1
exploitpack 1
seebug 3
cve 1
checkpoint_advisories 1
securityvulns 3
symantec 1
prion 1
cvelist 1
exploitdb 1
nessus 1
mskb 1
openvas 2
packetstorm
packetstorm
MSIE Content-Encoding: Deflate Memory Corruption
2009-10-15 00:00:00
exploitpack
exploitpack
Microsoft Internet Explorer 567 - Memory Corruption (MS09-054)
2009-10-15 00:00:00
seebug
seebug
Microsoft Internet Explorer 5 6 7 memory corruption PoC
2009-10-15 00:00:00
MS Internet Explorer 6 - 8 Content-Encoding Memory Corruption
2009-10-15 00:00:00
Microsoft Internet Explorer 5 6 7 memory corruption PoC
2009-10-15 00:00:00
cve
cve
CVE-2009-1547
2009-10-14 10:30:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer Data Stream Header Corruption (MS09-054; CVE-2009-1547)
2009-10-13 00:00:00
securityvulns
securityvulns
MSIE Content-Encoding: deflate memory corruption vulnerability
2009-10-14 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2009-10-14 00:00:00
Microsoft Security Bulletin MS09-054 - Critical Cumulative Security Update for Internet Explorer (974455)
2009-10-13 00:00:00
symantec
symantec
Microsoft Internet Explorer 'deflate' HTTP Content Encoding Remote Code Execution Vulnerability
2009-10-13 00:00:00
prion
prion
Memory corruption
2009-10-14 10:30:00
cvelist
cvelist
CVE-2009-1547
2009-10-14 10:00:00
exploitdb
exploitdb
Microsoft Internet Explorer 5/6/7 - Memory Corruption (MS09-054)
2009-10-15 00:00:00
nessus
nessus
MS09-054: Cumulative Security Update for Internet Explorer (974455)
2009-10-13 00:00:00
mskb
mskb
MS09-054: Cumulative security update for Internet Explorer
2014-06-23 07:27:42
openvas
openvas
Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (974455)
2009-10-14 00:00:00
Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (974455)
2009-10-14 00:00:00

0.956 High

EPSS

Percentile

99.2%

JSON
Related for SSV:12488
packetstorm1exploitpack1seebug3cve1checkpoint_advisories1securityvulns3symantec1prion1cvelist1exploitdb1nessus1mskb1openvas2