Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP document, which allows remote attackers to execute arbitrary code via vectors involving (1) multiple crafted pages on a web site or (2) a web page with crafted inline content such as banner advertisements, aka "Page Transition Memory Corruption Vulnerability."
History

Mon, 21 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft ie
CPEs cpe:2.3:a:microsoft:ie:6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:7:*:*:*:*:*:*:*
Vendors & Products Microsoft ie
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2009-04-15T03:49:00

Updated: 2024-10-21T16:26:23.249Z

Reserved: 2009-02-12T00:00:00

Link: CVE-2009-0551

cve-icon Vulnrichment

Updated: 2024-08-07T04:40:03.755Z

cve-icon NVD

Status : Modified

Published: 2009-04-15T08:00:00.627

Modified: 2024-11-21T01:00:17.987

Link: CVE-2009-0551

cve-icon Redhat

No data.