Internet Explorer deleted object memory corruption

Added: 02/23/2009
CVE: CVE-2009-0075
BID: 33627
OSVDB: 51839

Background

Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems.

Problem

A memory corruption vulnerability allows command execution when a user opens a specially crafted web page which causes a deleted object to be accessed.

Resolution

Install the patch referenced in Microsoft Security Bulletin 09-002.

References

http://www.microsoft.com/technet/security/bulletin/ms09-002.mspx

Limitations

Exploit works on Internet Explorer 7 and requires a user to load the exploit page.

Due to the nature of the vulnerability, the success of this exploit depends on the state of the target system.

Platforms

Windows XP

Back to exploit index