Vulnerability Details CVE-2009-2433
Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.187
EPSS Ranking 94.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.exploit-db.com/exploits/9100
- http://www.securityfocus.com/bid/35620
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12829
- http://www.exploit-db.com/exploits/9100
- http://www.securityfocus.com/bid/35620
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12829
Products affected by CVE-2009-2433
-
cpe:2.3:a:microsoft:ie:8.0b
-
cpe:2.3:a:microsoft:internet_explorer:7
-
cpe:2.3:a:microsoft:internet_explorer:7.0
-
cpe:2.3:a:microsoft:internet_explorer:7.0.5730
-
cpe:2.3:a:microsoft:internet_explorer:7.0.5730.11
-
cpe:2.3:a:microsoft:internet_explorer:7.00.5730.1100
-
cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16386
-
cpe:2.3:a:microsoft:internet_explorer:7.00.6000.16441
-
cpe:2.3:a:microsoft:internet_explorer:8.0.6001