HomePentest-Tools.com Logo

Cumulative Security Update for Internet Explorer (969897) CVE-2007-3091CVE-2009-1140CVE-2009-1141CVE-2009-1528CVE-2009-1529CVE-2009-1530CVE-2009-1531CVE-2009-1532

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

This host is missing a critical security update according to Microsoft Bulletin MS09-019.

Risk description

Multiple flaws are due to: - Scripts may persist across navigations and let a malicious site interact with a site in an arbitrary external domain. - When application fails to properly enforce the same-origin policy. - In the way that Internet Explorer caches data and incorrectly allows the cached content to be called, potentially bypassing Internet Explorer domain restriction. - Error in the way Internet Explorer displays a Web page that contains certain unexpected method calls to HTML objects. - Error in the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted by specially crafted Web page. Successful exploitation will let the attacker execute arbitrary codes into the context of the affected system, as a result in view, change, or delete data and can cause denial of service to legitimate users.

Recommendation

The vendor has released updates. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 6, 2007
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available