Lucene search
Peter VreugdenhilZDI-09-036HistoryJun 10, 2009 - 12:00 a.m.
Microsoft Internet Explorer setCapture Memory Corruption Vulnerability
2009-06-1000:00:00
Peter Vreugdenhil
www.zerodayinitiative.com
17
0.946 High
EPSS
Percentile
99.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists when calling the setCapture method on a range of objects. When setCapture is called on a collection of specially crafted objects memory becomes corrupted. When the capture is released, arbitrary memory is accessed potentially leading to remote code execution. Exploitation of this vulnerability will lead to system compromise under the credentials of the currently logged in user.
Related
prion
prion
Memory corruption
2009-06-10 18:30:00
cvelist
cvelist
CVE-2009-1529
2009-06-10 18:00:00
nvd
nvd
CVE-2009-1529
2009-06-10 18:30:00
cve
cve
CVE-2009-1529
2009-06-10 18:30:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
ZDI-09-036: Microsoft Internet Explorer setCapture Memory Corruption Vulnerability
2009-06-11 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2009-06-11 00:00:00
seebug
seebug
Microsoft IE DHTML和HTML对象多个内存破坏漏洞(MS09-019)
2009-06-11 00:00:00
openvas
openvas
Cumulative Security Update for Internet Explorer (969897)
2009-06-10 00:00:00
Cumulative Security Update for Internet Explorer (969897)
2009-06-10 00:00:00
nessus
nessus
MS09-019: Cumulative Security Update for Internet Explorer (969897)
2009-06-10 00:00:00