CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.9%
Added: 02/23/2009
CVE: CVE-2009-0075
BID: 33627
OSVDB: 51839
Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.
A memory corruption vulnerability allows command execution when a user opens a specially crafted web page which causes a deleted object to be accessed.
Install the patch referenced in Microsoft Security Bulletin 09-002.
<http://www.microsoft.com/technet/security/bulletin/ms09-002.mspx>
Exploit works on Internet Explorer 7 and requires a user to load the exploit page.
Due to the nature of the vulnerability, the success of this exploit depends on the state of the target system.
Windows XP