CVE-2009-2529
기본정보
  • 공개일 : 2009-10-14
  • 변경일 : 2009-11-17
  • 위험도 : 낮음
  • 공격 범위 : 사용자가 공격자에게 접근해야 공격 가능, 인터넷
  • 피해 유형 : 계정 탈취 (관리자 계정), 무결성 훼손, 기밀 유출, 가용성 침해
CVSS 평가 위험도: 9.3 (영향도: 10.0 익스플로잇: 8.6 )
설명

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability."
참조
취약 소프트웨어
  • Microsoft windows_xp - sp2:x64
  • Microsoft windows_xp - sp2:home
  • Microsoft windows_xp - sp2
  • Microsoft windows_xp sp3
  • Microsoft windows_vista - sp2
  • Microsoft windows_vista - sp1
  • Microsoft windows_vista - -:x64
  • Microsoft windows_vista - -
  • Microsoft windows_vista sp2:x64
  • Microsoft windows_vista sp2
  • Microsoft windows_vista sp1:x64
  • Microsoft windows_vista sp1
  • Microsoft windows_server_2008 - sp2:itanium
  • Microsoft windows_server_2008 - sp2:x32
  • Microsoft windows_server_2008 - sp2
  • Microsoft windows_server_2008 sp2:x64
  • Microsoft windows_server_2008 sp2
  • Microsoft windows_server_2008 r2:itanium
  • Microsoft windows_server_2008 r2:x64
  • Microsoft windows_server_2008 r2
  • Microsoft windows_server_2008 :x64
  • Microsoft windows_server_2008 :itanium
  • Microsoft windows_server_2008 :x32
  • Microsoft windows_server_2003 sp2:itanium
  • Microsoft windows_server_2003 sp2:x64
  • Microsoft windows_server_2003 sp2
  • Microsoft windows_7 - -:x64
  • Microsoft windows_7 - -:x32
  • Microsoft windows_7 - -
  • Microsoft windows_2000 sp4
  • Microsoft internet_explorer 8
  • Microsoft internet_explorer 7
  • Microsoft internet_explorer 6 sp1
  • Microsoft internet_explorer 5.01 sp4