Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1335NULL Pointer Dereference in Microsoft Internet Explorer

CWE-476NULL Pointer Dereference7 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
50.2%
top 2.15%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedApr 17
Latest updateMay 2

Description

Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows remote attackers to cause a denial of service (application hang) via a large document composed of unprintable characters, aka MSRC 9011jr.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-9hwh-3gx5-xqmh: Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows remote attackers to cause a denial of service (application hang) via a large docume2022-05-02

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 8 - File Download Denial of Service2009-04-11

📋Vendor Advisories

2
Red Hat
openssl: mime_hdr_cmp NULL dereference crash2006-08-29
Red Hat
openssl: mime_hdr_cmp NULL dereference crash2006-08-29

💬Community

2
Bugzilla
CVE-2006-7250 openssl: mime_hdr_cmp NULL dereference crash2012-02-28
Bugzilla
clamav: security fixes in upstream 0.95 (CVE-2008-6680, CVE-2009-1270)2009-04-09
CVE-2009-1335 — NULL Pointer Dereference in Microsoft | cvebase