Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-0553Out-of-bounds Write in Microsoft Internet Explorer

CWE-3993 documents3 sources
Severity
9.3CRITICALNVD
EPSS
72.4%
top 1.23%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedApr 15
Latest updateMay 2

Description

Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-57qc-2cx2-pm35: Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and2022-05-02

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer - EMBED Memory Corruption (PoC) (MS09-014)2009-04-20
CVE-2009-0553 — Out-of-bounds Write in Microsoft | cvebase