Executive Summary
Summary | |
---|---|
Title | Cumulative Security Update for Internet Explorer (972260) |
Informations | |||
---|---|---|---|
Name | MS09-034 | First vendor Publication | 2009-07-28 |
Vendor | Microsoft | Last vendor Modification | 2009-08-04 |
Severity (Vendor) | Critical | Revision | 2.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V2.0 (August 4, 2009): Reissued the update for Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4. All customers who have already installed the original update for Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 are already protected. However, customers who have the Korean-language version of Internet Explorer 6 Service Pack 1 may reinstall the update for Internet Explorer 6 Service Pack 1 on their Windows 2000 systems in order to have the same protections and also resolve a printing issue. See the entry in Frequently Asked Questions (FAQ) Related to This Security Update.Summary: This security update is being released out of band in conjunction with Microsoft Security Bulletin MS09-035, which describes vulnerabilities in those components and controls that have been developed using vulnerable versions of the Microsoft Active Template Library (ATL). As a defense-in-depth measure, this Internet Explorer security update helps mitigate known attack vectors within Internet Explorer for those components and controls that have been developed with vulnerable versions of ATL as described in Microsoft Security Advisory (973882) and Microsoft Security Bulletin MS09-035. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS09-034.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
33 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5524 | |||
Oval ID: | oval:org.mitre.oval:def:5524 | ||
Title: | HTML Objects Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle table operations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption by adding malformed elements to an empty DIV element, related to the getElementsByTagName method, aka "HTML Objects Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1918 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5660 | |||
Oval ID: | oval:org.mitre.oval:def:5660 | ||
Title: | Uninitialized Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via an HTML document containing embedded style sheets that modify unspecified rule properties that cause the behavior element to be "improperly processed," aka "Uninitialized Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1919 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6072 | |||
Oval ID: | oval:org.mitre.oval:def:6072 | ||
Title: | Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-1917 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-07-29 | Name : Cumulative Security Update for Internet Explorer (972260) File : nvt/secpod_ms09-034.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
56695 | Microsoft IE HTML Embedded CSS Property Modification Memory Corruption |
56694 | Microsoft IE Invalid HTML Object Element Appendage Handling Memory Corruption |
56693 | Microsoft IE timeChildren Object ondatasetcomplete Event Method Memory Corrup... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Internet Explorer empty table tag memory corruption attempt RuleID : 19814 - Revision : 9 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer empty table tag memory corruption attempt RuleID : 15733 - Revision : 9 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer CSS handling memory corruption attempt RuleID : 15732 - Revision : 12 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer javascript deleted reference arbitrary code execu... RuleID : 15731 - Revision : 16 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-10-14 | Name : Arbitrary code can be executed on the remote host through Microsoft Office Ac... File : smb_nt_ms09-060.nasl - Type : ACT_GATHER_INFO |
2009-07-28 | Name : Arbitrary code can be executed on the remote host through a web browser. File : smb_nt_ms09-034.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:17 |
|
2014-01-19 21:30:20 |
|