Release DateApr 17, 2009 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a double-free vulnerability in Microsoft Internet Explorer.The vulnerability is caused by an error when the "history.go" method accesses an object that has not been correctly initialized or that has been deleted. It allows a remote attacker to execute arbitrary code. |
Affected ProductsMicrosoft Internet Explorer 7Microsoft Internet Explorer 6 SP1 Microsoft Internet Explorer 6 Microsoft Internet Explorer 5.01 SP4 |
Recommended ActionsApply patch, available from the website:http://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-0552 |
Reference/shttp://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx (MS-ID) |
