Lucene search

K

[email protected]NVD:CVE-2009-0552

HistoryApr 15, 2009 - 8:00 a.m.

CVE-2009-0552

2009-04-1508:00:00

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.897

Percentile

98.8%

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka “Uninitialized Memory Corruption Vulnerability.”

Affected configurations

NVD

Node

microsoftieMatch6.0sp1

OR

microsoftinternet_explorerMatch5.0.1sp4

AND

microsoftwindows_2000sp4

Node

microsoftinternet_explorerMatch6

AND

microsoftwindows_server_2003

OR

microsoftwindows_server_2003sp1

OR

microsoftwindows_server_2003sp1itanium

OR

microsoftwindows_server_2003sp2

OR

microsoftwindows_xppro_x64

OR

microsoftwindows_xpsp2

OR

microsoftwindows_xpsp2pro_x64

OR

microsoftwindows_xpsp3

References

osvdb.org/53625

secunia.com/advisories/34678

support.avaya.com/elmodocs2/security/ASA-2009-133.htm

www.securitytracker.com/id?1022042

www.us-cert.gov/cas/techalerts/TA09-104A.html

www.vupen.com/english/advisories/2009/1028

docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5551

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.897

Percentile

98.8%

Related for NVD:CVE-2009-0552

checkpoint_advisories2 cvelist1 cve1 prion1 seebug1 nessus1 openvas2 securityvulns2 mskb1