Home

CVE-2009-1532

Description

Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via malformed row property references that trigger an access of an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka HTML Objects Memory Corruption Vulnerability or HTML Object Memory Corruption Vulnerability.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
59.432

Associated Vulnerability

VulnerabilityOS Platform
Cumulative Security Update for Internet Explorer 5.01 Service Pack 4 (KB969897)Windows
Cumulative Security Update for Internet Explorer 6 SP1 (KB969897)Windows
Cumulative Security Update for Internet Explorer for Windows XP (KB969897) x86 based systemsWindows
Cumulative Security Update for Internet Explorer for Windows XP (KB969897) x86 based systems for SP3Windows
Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB969897)Windows
Cumulative Security Update for Internet Explorer 7 for Windows XP (KB969897)Windows
CuCumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB969897)Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB969897) x86 based systemsWindows
Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB969897) x86 based systems for SP1Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB969897) x86 based systems for SP2Windows
Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB969897) x86 based systemsWindows
Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB969897)Windows
Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB969897)Windows
Cumulative Security Update for Internet Explorer 7 for Windows Server 2003 x64 Edition (KB969897)Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB969897)Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB969897) for SP1Windows
Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB969897) for SP2Windows
Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB969897)Windows
Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB969897) for SP2Windows
Cumulative Security Update for Internet Explorer 8 for Windows XP (KB969897)Windows
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB969897)Windows
Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB969897) x86 based systemsWindows
Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB969897) x86 based systems for SP1Windows
Cumulative Security Update for Internet Explorer 8 in Windows Vista (KB969897) x86 based systems for SP2Windows
Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB969897) x86 based systemsWindows
Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB969897) x86 based systems for SP2Windows
Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB969897)Windows
Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB969897)Windows
Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB969897) for SP1Windows
Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB969897) for SP2Windows
Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB969897)Windows
Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB969897) for SP2Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-7072Cumulative Security Update for Internet Explorer for Windows XP (KB969897)
PATCH-7073Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB969897)
PATCH-7078CuCumulative Security Update for Internet Explorer 7 for Windows Server 2003 (KB969897)
PATCH-7080Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB969897)
PATCH-7082Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 (KB969897)
PATCH-7084Cumulative Security Update for Internet Explorer 7 for Windows XP x64 Edition (KB969897)
PATCH-7088Cumulative Security Update for Internet Explorer 7 in Windows Vista x64 Edition (KB969897)
PATCH-7089Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB969897)
PATCH-7090Cumulative Security Update for Internet Explorer 7 in Windows Server 2008 x64 Edition (KB969897)
PATCH-7091Cumulative Security Update for Internet Explorer 8 for Windows XP (KB969897)
PATCH-7093Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB969897)
PATCH-7097Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB969897)
PATCH-7098Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 (KB969897)
PATCH-7099Cumulative Security Update for Internet Explorer 8 for Windows XP x64 Edition (KB969897)
PATCH-7100Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 x64 Edition (KB969897)
PATCH-7102Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB969897)
PATCH-7103Cumulative Security Update for Internet Explorer 8 in Windows Vista x64 Edition (KB969897)
PATCH-7104Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB969897)
PATCH-7105Cumulative Security Update for Internet Explorer 8 in Windows Server 2008 x64 Edition (KB969897)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234