← back
CVE-2009-3671

CVE-2009-3671

CVSS 8.1 HIGHEPSS 21.0%CWE-416
Vexday Risk Score
26Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.1EPSS 21.0%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
09 Dec 2009Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3674.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-072https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6382http://www.securitytracker.com/id?1023293http://www.us-cert.gov/cas/techalerts/TA09-342A.html