CVE-2009-1530 — Microsoft Internet Explorer vulnerability

CWE-39911 documents3 sources
Severity
9.3CRITICALNVD
EPSS
62.3%
top 1.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedJun 10
Latest updateMay 2

Description

Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which triggers an access of an object that (1) was not properly initialized or (2) is deleted, aka "HTML Objects Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

â–¶NVDmicrosoft/internet_explorer4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-rfmf-5g8q-mw3m: Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7↗2022-05-02
â–¶

💬Community

9
Bugzilla
CVE-2009-3380 Firefox crashes with evidence of memory corruption↗2009-10-23
â–¶
Bugzilla
CVE-2009-3382 Firefox crashes with evidence of memory corruption↗2009-10-23
â–¶
Bugzilla
CVE-2009-1563 firefox: (rejected CVE-2009-1563) Firefox heap buffer overflow in string to number conversion↗2009-10-21
â–¶
Bugzilla
CVE-2009-3370 Firefox form history vulnerable to stealing↗2009-10-21
â–¶
Bugzilla
CVE-2009-3376 Firefox download filename spoofing with RTL override↗2009-10-21
â–¶
CVE-2009-1530 — Microsoft vulnerability | cvebase