CVE-2009-2511
- EPSS 12.96%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:36
Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to s...
CVE-2009-2515
- EPSS 1.55%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:37
Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncati...
CVE-2009-2516
- EPSS 1.33%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:37
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted PE .exe file that trigg...
CVE-2009-2517
- EPSS 1.78%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:37
The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Ha...
CVE-2009-2525
- EPSS 23.32%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:38
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote atta...
CVE-2009-2529
- EPSS 19.53%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:38
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnera...
CVE-2009-2530
- EPSS 22.93%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:38
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru...
CVE-2009-2531
- EPSS 22.93%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:38
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru...
CVE-2009-0090
- EPSS 20.98%
- Veröffentlicht 14.10.2009 10:30:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application ...
CVE-2009-0091
- EPSS 25.81%
- Veröffentlicht 14.10.2009 10:30:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a craf...