ID CVE-2009-0075
Summary Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
References
Vulnerable Configurations
  • Microsoft Internet Explorer 7
    cpe:2.3:a:microsoft:internet_explorer:7
  • Microsoft Windows Server 2003
    cpe:2.3:o:microsoft:windows_server_2003
  • cpe:2.3:o:microsoft:windows_server_2003:-:sp1
    cpe:2.3:o:microsoft:windows_server_2003:-:sp1
  • cpe:2.3:o:microsoft:windows_server_2003:-:sp1:itanium
    cpe:2.3:o:microsoft:windows_server_2003:-:sp1:itanium
  • Microsoft Windows Server 2003 Service Pack 2
    cpe:2.3:o:microsoft:windows_server_2003:-:sp2
  • Microsoft Windows Server 2008
    cpe:2.3:o:microsoft:windows_server_2008
  • Microsoft Windows Server 2008 Itanium
    cpe:2.3:o:microsoft:windows_server_2008:-:-:itanium
  • cpe:2.3:o:microsoft:windows_vista:-:-:-:-:-:-:x64
    cpe:2.3:o:microsoft:windows_vista:-:-:-:-:-:-:x64
  • cpe:2.3:o:microsoft:windows_vista:-:sp1:-:-:-:-:x64
    cpe:2.3:o:microsoft:windows_vista:-:sp1:-:-:-:-:x64
  • cpe:2.3:o:microsoft:windows_xp:-:-:-:professional:-:-:-:x64
    cpe:2.3:o:microsoft:windows_xp:-:-:-:professional:-:-:-:x64
  • Microsoft Windows XP Service Pack 2
    cpe:2.3:o:microsoft:windows_xp:-:sp2
  • cpe:2.3:o:microsoft:windows_xp:-:sp2:-:professional:-:-:-:x64
    cpe:2.3:o:microsoft:windows_xp:-:sp2:-:professional:-:-:-:x64
  • Microsoft Windows XP Service Pack 3
    cpe:2.3:o:microsoft:windows_xp:-:sp3
CVSS
Base: 9.3 (as of 11-02-2009 - 09:56)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
  • description MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (fast). CVE-2009-0075,CVE-2009-0076. Remote exploit for windows platform
    id EDB-ID:8152
    last seen 2016-02-01
    modified 2009-03-04
    published 2009-03-04
    reporter Ahmed Obied
    source https://www.exploit-db.com/download/8152/
    title Microsoft Internet Explorer 7 - Memory Corruption Exploit MS09-002
  • description MS Internet Explorer 7 Memory Corruption PoC (MS09-002) (win2k3sp2). CVE-2009-0075,CVE-2009-0076. Remote exploit for windows platform
    file exploits/windows/remote/8082.html
    id EDB-ID:8082
    last seen 2016-02-01
    modified 2009-02-20
    platform windows
    port
    published 2009-02-20
    reporter webDEViL
    source https://www.exploit-db.com/download/8082/
    title Microsoft Internet Explorer 7 - Memory Corruption PoC MS09-002 win2k3sp2
    type remote
  • description MS Internet Explorer 7 Memory Corruption PoC (MS09-002). CVE-2009-0075. Dos exploit for windows platform
    file exploits/windows/dos/8077.html
    id EDB-ID:8077
    last seen 2016-02-01
    modified 2009-02-18
    platform windows
    port
    published 2009-02-18
    reporter N/A
    source https://www.exploit-db.com/download/8077/
    title Microsoft Internet Explorer 7 - Memory Corruption PoC MS09-002
    type dos
  • description MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (xp sp2). CVE-2009-0075,CVE-2009-0076. Remote exploit for windows platform
    file exploits/windows/remote/8079.html
    id EDB-ID:8079
    last seen 2016-02-01
    modified 2009-02-20
    platform windows
    port
    published 2009-02-20
    reporter Abysssec
    source https://www.exploit-db.com/download/8079/
    title Microsoft Internet Explorer 7 - Memory Corruption Exploit MS09-002 XP SP2
    type remote
  • description Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption. CVE-2009-0075. Remote exploit for windows platform
    id EDB-ID:16555
    last seen 2016-02-02
    modified 2010-07-12
    published 2010-07-12
    reporter metasploit
    source https://www.exploit-db.com/download/16555/
    title Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption
  • description MS Internet Explorer 7 Memory Corruption Exploit (MS09-002) (py). CVE-2009-0075,CVE-2009-0076. Remote exploit for windows platform
    file exploits/windows/remote/8080.py
    id EDB-ID:8080
    last seen 2016-02-01
    modified 2009-02-20
    platform windows
    port
    published 2009-02-20
    reporter David Kennedy (ReL1K)
    source https://www.exploit-db.com/download/8080/
    title Microsoft Internet Explorer 7 - Memory Corruption Exploit MS09-002 py
    type remote
metasploit via4
description This module exploits an error related to the CFunctionPointer function when attempting to access uninitialized memory. A remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with the privileges of the victim.
id MSF:EXPLOIT/WINDOWS/BROWSER/MS09_002_MEMORY_CORRUPTION
last seen 2019-03-26
modified 2017-07-24
published 2009-02-20
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ms09_002_memory_corruption.rb
title MS09-002 Microsoft Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption
msbulletin via4
bulletin_id MS09-002
bulletin_url
date 2009-02-10T00:00:00
impact Remote Code Execution
knowledgebase_id 961260
knowledgebase_url
severity Critical
title Cumulative Security Update for Internet Explorer (961260)
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS09-002.NASL
description The remote host is missing IE Security Update 961260. The remote version of IE is affected by two memory corruption vulnerabilities that may allow an attacker to execute arbitrary code on the remote host.
last seen 2019-02-21
modified 2018-11-15
plugin id 35630
published 2009-02-11
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=35630
title MS09-002: Cumulative Security Update for Internet Explorer (961260)
oval via4
accepted 2014-08-18T04:06:06.207-04:00
class vulnerability
contributors
  • name Dragos Prisaca
    organization Gideon Technologies, Inc.
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Windows XP is installed
    oval oval:org.mitre.oval:def:105
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
  • comment Microsoft Windows Server 2003 (32-bit) is installed
    oval oval:org.mitre.oval:def:1870
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
  • comment Microsoft Windows Vista (32-bit) is installed
    oval oval:org.mitre.oval:def:1282
  • comment Microsoft Windows Vista (32-bit) is installed
    oval oval:org.mitre.oval:def:1282
  • comment Microsoft Windows Vista (32-bit) is installed
    oval oval:org.mitre.oval:def:1282
  • comment Microsoft Windows Vista (32-bit) is installed
    oval oval:org.mitre.oval:def:1282
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows XP x64 is installed
    oval oval:org.mitre.oval:def:15247
  • comment Microsoft Windows Server 2003 (x64) is installed
    oval oval:org.mitre.oval:def:730
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
  • comment Microsoft Windows XP x64 is installed
    oval oval:org.mitre.oval:def:15247
  • comment Microsoft Windows Server 2003 (x64) is installed
    oval oval:org.mitre.oval:def:730
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
  • comment Microsoft Windows Vista x64 Edition is installed
    oval oval:org.mitre.oval:def:2041
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
  • comment Microsoft Windows Vista x64 Edition is installed
    oval oval:org.mitre.oval:def:2041
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
  • comment Microsoft Windows Vista x64 Edition is installed
    oval oval:org.mitre.oval:def:2041
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
  • comment Microsoft Windows Vista x64 Edition is installed
    oval oval:org.mitre.oval:def:2041
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Internet Explorer 7 is installed
    oval oval:org.mitre.oval:def:627
description Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
family windows
id oval:org.mitre.oval:def:6000
status accepted
submitted 2009-02-10T16:00:00
title Uninitialized Memory Corruption Vulnerability
version 69
packetstorm via4
data source https://packetstormsecurity.com/files/download/83061/ms09_002_memory_corruption.rb.txt
id PACKETSTORM:83061
last seen 2016-12-05
published 2009-11-26
reporter dean
source https://packetstormsecurity.com/files/83061/Internet-Explorer-7-Uninitialized-Memory-Corruption-Vulnerability.html
title Internet Explorer 7 Uninitialized Memory Corruption Vulnerability
refmap via4
bid 33627
cert TA09-041A
exploit-db
  • 8077
  • 8079
  • 8080
  • 8082
misc http://www.zerodayinitiative.com/advisories/ZDI-09-011/
ms MS09-002
osvdb 51839
vupen ADV-2009-0389
saint via4
bid 33627
description Internet Explorer deleted object memory corruption
id win_patch_ie_v7,win_patch_ie_v8
osvdb 51839
title ie_deleted_object
type client
Last major update 30-03-2010 - 00:00
Published 10-02-2009 - 17:30
Last modified 27-02-2019 - 09:07
Back to Top