CVE-2009-0554Out-of-bounds Write in Microsoft Internet Explorer

CWE-3992 documents2 sources
Severity
8.8HIGHNVD
EPSS
56.7%
top 1.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedApr 15
Latest updateMay 2

Description

Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.01, 6, 7+2

🔴Vulnerability Details

1
GHSA
GHSA-r9xq-fpxc-46xw: Microsoft Internet Explorer 52022-05-02
CVE-2009-0554 — Out-of-bounds Write in Microsoft | cvebase