| Last Updated Date | Jun 23, 2009 |
| Release Date | Apr 17, 2009 |
| Severity | High |
| Impact | System Compromise: Remote attackers can gain control of vulnerable systems. |
| Description | This indicates an attack attempt against a double-free vulnerability in Microsoft Internet Explorer.
The vulnerability is caused by an error when the "history.go" method accesses an object that has not been correctly initialized or that has been deleted. It allows a remote attacker to execute arbitrary code. |
| Affected Products | Microsoft Internet Explorer 7
Microsoft Internet Explorer 6 SP1
Microsoft Internet Explorer 6
Microsoft Internet Explorer 5.01 SP4 |
| Recommended Actions | Apply patch, available from the website:
http://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0552
|
| Microsoft Bulletin ID | MS09-014 http://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx |