CVE-2009-0075

Published Feb 10, 2009

Last updated 6 years ago

CVSS info 9.3

Overview

Description: Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
Source: secure@microsoft.com
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E3527F41-A6ED-437D-9833-458A2C60C2A3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "43D64F8D-975A-4A5B-BEDF-D27D65C96A29"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:itanium:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9012FF99-B2F1-42F5-8366-D5071B66F42D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:itanium:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DBE4A4EA-A0DE-4FDE-B9EC-D8729E17A1F1"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "51160A46-6768-44D5-89CD-6DB9D2268A2E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "7211B5C5-6B6E-4A33-88BC-1D64CD684204"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:professional:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "39DC2489-8FB9-4301-A966-268DE7D0A503"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:professional:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "C551BCF9-358A-46F5-8592-E309D3EBC5F3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References