CVE-2009-1528
Published Jun 10, 2009
Last updated a year ago
Overview
- Description
- Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly synchronize AJAX requests, which allows allows remote attackers to execute arbitrary code via a large number of concurrent, asynchronous XMLHttpRequest calls, aka "HTML Object Memory Corruption Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "29EDE745-5A26-42BF-AFDE-7D985BB09D44"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:32_bit:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C4BFF042-5C0B-482A-915B-3B9A267D2D96"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1D12423F-FCCD-4F4C-9037-7607C1F1F99E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]