CVE-2009-2530
- EPSS 22.93%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:38
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru...
CVE-2009-2531
- EPSS 22.93%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:38
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru...
- EPSS 62.17%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:09:38
Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a ...
CVE-2009-3126
- EPSS 23.46%
- Veröffentlicht 14.10.2009 10:30:01
- Zuletzt bearbeitet 16.06.2026 23:10:59
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP...
CVE-2009-0090
- EPSS 20.98%
- Veröffentlicht 14.10.2009 10:30:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application ...
CVE-2009-0091
- EPSS 25.81%
- Veröffentlicht 14.10.2009 10:30:00
- Zuletzt bearbeitet 16.06.2026 23:04:14
Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a craf...
CVE-2009-0555
- EPSS 27.09%
- Veröffentlicht 14.10.2009 10:30:00
- Zuletzt bearbeitet 16.06.2026 23:05:17
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute ar...
CVE-2009-1547
- EPSS 37.44%
- Veröffentlicht 14.10.2009 10:30:00
- Zuletzt bearbeitet 16.06.2026 23:07:29
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability."
CVE-2009-1132
- EPSS 27.05%
- Veröffentlicht 08.09.2009 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:34
Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless...
CVE-2009-1920
- EPSS 21.51%
- Veröffentlicht 08.09.2009 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:08:21
The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a ...