Lucene search
MicrosoftCVE-2009-0076HistoryFeb 10, 2009 - 10:30 p.m.
CVE-2009-0076
2009-02-1022:30:00
CWE-399
microsoft
web.nvd.nist.gov
32
microsoft
internet explorer
cve-2009-0076
css
memory corruption
vulnerability
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.812
Percentile
98.4%
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka “CSS Memory Corruption Vulnerability.”
Affected configurations
Node
microsoftinternet_explorerMatch7
microsoftwindows_server_2003
ORmicrosoftwindows_server_2003sp1
ORmicrosoftwindows_server_2003sp1itanium
ORmicrosoftwindows_server_2003sp2
ORmicrosoftwindows_server_2008itanium
ORmicrosoftwindows_server_2008x32
ORmicrosoftwindows_server_2008x64
ORmicrosoftwindows_vistax64
ORmicrosoftwindows_vistasp1
ORmicrosoftwindows_xpprofessional_x64
ORmicrosoftwindows_xpsp2
ORmicrosoftwindows_xpsp2professional_x64
ORmicrosoftwindows_xpsp3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | internet_explorer | 7 | cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:* |
| microsoft | windows_server_2003 | * | cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2003 | * | cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:* |
| microsoft | windows_server_2003 | * | cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:* |
| microsoft | windows_server_2003 | * | cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* |
| microsoft | windows_vista | * | cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:* |
| microsoft | windows_vista | * | cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* |
References
Related
prion
prion
Memory corruption
2009-02-10 22:30:00
seebug
seebug
Microsoft IE畸形CSS处理内存破坏漏洞(MS09-002)
2009-02-13 00:00:00
zdi
zdi
Microsoft Internet Explorer Malformed CSS Memory Corruption Vulnerability
2009-02-10 00:00:00
cvelist
cvelist
CVE-2009-0076
2009-02-10 22:13:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer CSS Memory Corruption (MS09-002) - Ver2 (CVE-2009-0076)
2014-12-28 00:00:00
Internet Explorer CSS Memory Corruption (MS09-002; CVE-2009-0076)
2009-02-10 00:00:00
securityvulns
securityvulns
ZDI-09-012: Microsoft Internet Explorer Malformed CSS Memory Corruption
2009-02-11 00:00:00
Microsoft Security Bulletin MS09-002 - Critical Cumulative Security Update for Internet Explorer (961260)
2009-02-11 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2009-02-11 00:00:00
nvd
nvd
CVE-2009-0076
2009-02-10 22:30:00
mskb
mskb
MS09-002: Cumulative security update for Internet Explorer
2018-04-17 18:59:42
exploitdb
exploitdb
Microsoft Internet Explorer 7 - Memory Corruption (MS09-002)
2009-02-20 00:00:00
nessus
nessus
MS09-002: Cumulative Security Update for Internet Explorer (961260)
2009-02-11 00:00:00
openvas
openvas
Cumulative Security Update for Internet Explorer (961260)
2009-02-11 00:00:00
Cumulative Security Update for Internet Explorer (961260)
2009-02-11 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.812
Percentile
98.4%
Related for CVE-2009-0076