CVE-2009-1529

Description

Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by calling the setCapture method on a collection of crafted objects, aka Uninitialized Memory Corruption Vulnerability.

Risk Information

Base Score

8.1

MODERATE

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

59.857

Associated Vulnerability

Vulnerability	OS Platform
Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB969897)	Windows
Cumulative Security Update for Internet Explorer 6 SP1 (KB969897)	Windows
Cumulative Security Update for Internet Explorer for Windows XP (KB969897) x86 based systems	Windows
Cumulative Security Update for Internet Explorer for Windows XP (KB969897) x86 based systems for SP3	Windows
Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB969897)	Windows
Cumulative Security Update for Internet Explorer 7 for Windows XP (KB969897)	Windows
CuCumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB969897)	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB969897) x86 based systems	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB969897) x86 based systems for SP1	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB969897) x86 based systems for SP2	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB969897) x86 based systems	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB969897)	Windows
Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB969897)	Windows
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB969897)	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB969897)	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB969897) for SP1	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB969897) for SP2	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB969897)	Windows
Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB969897) for SP2	Windows
Cumulative Security Update for Internet Explorer 8 for Windows XP (KB969897)	Windows
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB969897)	Windows
Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB969897) x86 based systems	Windows
Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB969897) x86 based systems for SP1	Windows
Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB969897) x86 based systems for SP2	Windows
Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB969897) x86 based systems	Windows
Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB969897) x86 based systems for SP2	Windows
Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB969897)	Windows
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB969897)	Windows
Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB969897) for SP1	Windows
Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB969897) for SP2	Windows
Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB969897)	Windows
Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB969897) for SP2	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-7072	Cumulative Security Update for Internet Explorer for Windows XP (KB969897)
PATCH-7073	Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB969897)
PATCH-7078	CuCumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB969897)
PATCH-7080	Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB969897)
PATCH-7082	Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB969897)
PATCH-7084	Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB969897)
PATCH-7088	Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB969897)
PATCH-7089	Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB969897)
PATCH-7090	Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB969897)
PATCH-7091	Cumulative Security Update for Internet Explorer 8 for Windows XP (KB969897)
PATCH-7093	Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB969897)
PATCH-7097	Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB969897)
PATCH-7098	Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB969897)
PATCH-7099	Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB969897)
PATCH-7100	Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB969897)
PATCH-7102	Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB969897)
PATCH-7103	Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB969897)
PATCH-7104	Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB969897)
PATCH-7105	Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB969897)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234