CVE-2009-1140
published 2009-06-10CVE-2009-1140: Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server…
PriorityP339high7.1CVSS 2.0
AVNACMAuNCCINAN
EXPLOIT
EPSS
24.76%
97.6th percentile
Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not prevent HTML rendering of cached content, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Cross-Domain Information Disclosure Vulnerability."
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | windows_vista | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability involves IE rendering cached content across domains — monitor for IE processes accessing cached content from cross-origin zones (e.g., local files read from a remote-domain browser context). ↗
- →Exploitation may manifest as IE accessing local files or content from a different domain/security zone — alert on cross-zone resource reads within Internet Explorer. ↗
- ·Affected versions are narrowly scoped: IE 5.01 SP4, IE 6 SP1, IE 6 and 7 for Windows XP SP2/SP3, IE 6 and 7 for Server 2003 SP2, IE 7 for Vista Gold/SP1/SP2, and IE 7 for Server 2008 SP2 — detection efforts should be scoped to these specific version/OS combinations. ↗
- ·The exploitation vector is described as 'unspecified' — no specific HTTP parameters, headers, or markup patterns are publicly documented, limiting precise signature-based detection. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mh3v-wwhj-j4pq: Microsoft Internet Explorer 5
ghsa_unreviewed·2022-05-02·CVSS 7.1
CVE-2010-0555 [HIGH] GHSA-mh3v-wwhj-j4pq: Microsoft Internet Explorer 5
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving the product's use of text/html as the default content type for files that are encountered after a redirection, aka the URLMON sniffing vulnerability, a variant of CVE-2009-1140 and related to CVE-2008-1448.
GHSA
GHSA-93vc-2h9g-v2wq: Microsoft Internet Explorer 5
ghsa_unreviewed·2022-05-02·CVSS 7.1
CVE-2010-0255 [HIGH] GHSA-93vc-2h9g-v2wq: Microsoft Internet Explorer 5
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving JavaScript exploit code that constructs a reference to a file://127.0.0.1 URL, aka the dynamic OBJECT tag vulnerability, as demonstrated by obtaining the data from an index.dat file, a variant of CVE-2009-1140 and related to CVE-2008-1448.
GHSA
GHSA-7vfc-h53m-93j3: Microsoft Internet Explorer 5
ghsa_unreviewed·2022-05-02
CVE-2009-1140 [HIGH] CWE-200 GHSA-7vfc-h53m-93j3: Microsoft Internet Explorer 5
Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not prevent HTML rendering of cached content, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Cross-Domain Information Disclosure Vulnerability."
No detection rules found.
http://www.securitytracker.com/id?1022350http://www.us-cert.gov/cas/techalerts/TA09-160A.htmlhttp://www.vupen.com/english/advisories/2009/1538https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6278http://www.securitytracker.com/id?1022350http://www.us-cert.gov/cas/techalerts/TA09-160A.htmlhttp://www.vupen.com/english/advisories/2009/1538https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6278
2009-06-10
Published