CVE-2009-1530

Published Jun 10, 2009
Last updated a year ago
CVSS info 9.3
Overview

Description: Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which triggers an access of an object that (1) was not properly initialized or (2) is deleted, aka "HTML Objects Memory Corruption Vulnerability."
Source: secure@microsoft.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-399
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "29EDE745-5A26-42BF-AFDE-7D985BB09D44"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BCE2197B-7C58-4693-B9BB-0B31EABB6B66"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6B33C9BD-FC34-4DFC-A81F-C620D3DAA79D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:32_bit:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C4BFF042-5C0B-482A-915B-3B9A267D2D96"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:gold:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1D12423F-FCCD-4F4C-9037-7607C1F1F99E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D47247A3-7CD7-4D67-9D9B-A94A504DA1BE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6219D36E-9E2C-4DC7-8FD5-FAD144A333F6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3F2A51E-2675-4993-B9C2-F2D176A92857"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:sp1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "49F99773-D1AF-4596-856A-CA164D4B68E5"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:sp2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9F916C0D-3B99-46F3-A7AE-BAF067361499"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:sp3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E69F8C21-5996-4083-A02A-F04AE948CEA9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
