Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1547Code Injection in Microsoft Internet Explorer

CWE-94Code Injection4 documents3 sources
Severity
8.8HIGHNVD
EPSS
29.7%
top 3.36%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedOct 14
Latest updateMay 2

Description

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability."

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDmicrosoft/internet_explorer4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-rpp3-6c33-vw2f: Unspecified vulnerability in Microsoft Internet Explorer 52022-05-02

💥Exploits & PoCs

2
Exploit-DB
Microsoft Internet Explorer 5/6/7 - Memory Corruption (MS09-054)2009-10-15
Exploit-DB
Microsoft Internet Explorer 5.0.1 - 'deflate' HTTP Content Encoding Remote Code Execution2009-10-13
CVE-2009-1547 — Code Injection in Microsoft | cvebase