GSD-2009-1532

Vulnerability from gsd - Updated: 2023-12-13 01:19
Details
Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via "malformed row property references" that trigger an access of an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Objects Memory Corruption Vulnerability" or "HTML Object Memory Corruption Vulnerability."
Aliases
Aliases
CVE-2009-1532
To clipboard 

{
  "GSD": {
    "alias": "CVE-2009-1532",
    "description": "Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via \"malformed row property references\" that trigger an access of an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"HTML Objects Memory Corruption Vulnerability\" or \"HTML Object Memory Corruption Vulnerability.\"",
    "id": "GSD-2009-1532"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-1532"
      ],
      "details": "Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via \"malformed row property references\" that trigger an access of an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"HTML Objects Memory Corruption Vulnerability\" or \"HTML Object Memory Corruption Vulnerability.\"",
      "id": "GSD-2009-1532",
      "modified": "2023-12-13T01:19:47.954273Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2009-1532",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via \"malformed row property references\" that trigger an access of an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"HTML Objects Memory Corruption Vulnerability\" or \"HTML Object Memory Corruption Vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "54951",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/54951"
          },
          {
            "name": "20090610 ZDI-09-041: Microsoft Internet Explorer 8 Rows Property Dangling Pointer Code Execution Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/504208/100/0/threaded"
          },
          {
            "name": "ADV-2009-1538",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1538"
          },
          {
            "name": "MS09-019",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-09-041",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-041"
          },
          {
            "name": "oval:org.mitre.oval:def:6244",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6244"
          },
          {
            "name": "TA09-160A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html"
          },
          {
            "name": "1022350",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022350"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A52E757F-9B41-43B4-9D67-3FEDACA71283",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              },
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*",
                    "matchCriteriaId": "1D929AA2-EE0B-4AA1-805D-69BCCA11B77F",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:x64:*",
                    "matchCriteriaId": "3A118DC8-CD3A-461F-867E-5174F24FBAE9",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:-:*:x86:*",
                    "matchCriteriaId": "1114016B-B51D-495D-96AC-A0E7992DA551",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
                    "matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
                    "matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_vista:-:-:*:*:*:*:*:*",
                    "matchCriteriaId": "BDD715BA-B0EB-4D42-BCB1-97B261459E52",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*",
                    "matchCriteriaId": "3A04E39A-623E-45CA-A5FC-25DAA0F275A3",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
                    "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
                    "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*",
                    "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79",
                    "vulnerable": false
                  },
                  {
                    "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
                    "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9",
                    "vulnerable": false
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ],
            "operator": "AND"
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via \"malformed row property references\" that trigger an access of an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"HTML Objects Memory Corruption Vulnerability\" or \"HTML Object Memory Corruption Vulnerability.\""
          },
          {
            "lang": "es",
            "value": "Microsoft Internet Explorer 8 para Windows XP SP2 y SP3; 8 para Server 2003 SP2; 8 para Vista Gold, SP1 y SP2; y 8 para Server 2008 SP2 no maneja apropiadamente los objetos en la memoria, lo que permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de \"malformed row property references\" que desencadenan un acceso de un objeto que (1) no se inicializ\u00f3 apropiadamente o (2) se elimina, lo que conlleva a corrupci\u00f3n de la memoria, tambi\u00e9n se conoce como \"HTML Objects Memory Corruption Vulnerability\" o \"HTML Object Memory Corruption Vulnerability\"."
          }
        ],
        "id": "CVE-2009-1532",
        "lastModified": "2024-02-09T03:22:27.067",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "integrityImpact": "COMPLETE",
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 8.6,
              "impactScore": 10.0,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": true
            }
          ]
        },
        "published": "2009-06-10T18:30:00.530",
        "references": [
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://osvdb.org/54951"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securityfocus.com/archive/1/504208/100/0/threaded"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securitytracker.com/id?1022350"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "US Government Resource"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1538"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-041"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6244"
          }
        ],
        "sourceIdentifier": "secure@microsoft.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-787"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.