National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2009-2576 Detail

Current Description

Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.

Source:  MITRE
View Analysis Description

Impact

CVSS v2.0 Severity and Metrics:

Base Score: 5.0 MEDIUM
Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) (V2 legend)
Impact Subscore: 2.9
Exploitability Subscore: 10.0


Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Additional Information:
Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
http://archives.neohapsis.com/archives/bugtraq/2009-07/0192.html
http://archives.neohapsis.com/archives/bugtraq/2009-07/0193.html
http://websecurity.com.ua/3338/ Exploit
http://www.securityfocus.com/archive/1/505092/100/0/threaded
http://www.securityfocus.com/archive/1/505120/100/0/threaded
http://www.securityfocus.com/archive/1/505122/100/0/threaded

Technical Details

Vulnerability Type (View All)

  • Resource Management Errors (CWE-399)

Known Affected Software Configurations Switch to CPE 2.3

Configuration 1 ( hide )
 cpe:/a:microsoft:ie:::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:::mobile
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:2.0::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:2.0_beta::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.0
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.0::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.0::mac_os
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.0.1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.0.1::windows_95
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.0.2
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.01::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.1::mac_os
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:3.2
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0::mac_os
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0::windows_98
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0::windows_nt
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0:a
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0.1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0.1::mac_os
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0.1::windows_95
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0.1::windows_98
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0.1::windows_nt
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0.1:sp1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0.1:sp2
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.0a::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.01
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.1::windows_95
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.1::windows_98
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.1::windows_nt_4.0
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.01:sp1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.5
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.5::mac_os
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.5::macintosh
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.40.308
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.40.520
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.70.1155
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.70.1158
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.70.1215
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.70.1300
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.71.1008.3
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.71.1712.6
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.72.2106.8
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.72.3110.8
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.72.3612.1713
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:4.x
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5::windows_nt_4.0
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0::macos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0::mobile
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0::windows
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0::windows_95
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0::windows_98
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0::windows_nt_4.0
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0:sp1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0:sp4
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0.1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0.1::windows_2000
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0.1::windows_95
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0.1::windows_98
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0.1::windows_nt_4.0
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0.1:sp1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0.1:sp2
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0.1:sp4
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.0518.10
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.0910.1309
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.2014.0216
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.2516.1900
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.2614.3500
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.2919.800
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.2919.6307
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.2920.0000
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.3103.1000
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.3105.0106
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.3314.2101
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.3315.1000
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.3502.1000
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.00.3700.1000
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.0_ta3
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.01
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.1::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.1::mac_os
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.01::windows_server_2003
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.01:sp1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.01:sp3
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.1.1::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.1.7::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.2::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.2.3
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.2.3::mac%2bos
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.2.3::macintosh
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.5
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.5:preview
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.5:sp1
     Show Matching CPE(s)
 cpe:/a:microsoft:ie:5.5:sp2
     Show Matching CPE(s)

Showing 100 of 127 CPEs, view all CPEs here.

Change History

2 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2009-2576
NVD Published Date:
07/22/2009
NVD Last Modified:
10/10/2018