CVE-2009-1532 – Microsoft Internet Explorer 8 Rows Property Dangling Pointer Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-1532
Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via "malformed row property references" that trigger an access of an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Objects Memory Corruption Vulnerability" or "HTML Object Memory Corruption Vulnerability."

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer 8. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the rendering of an HTML page with malformed row property references, resulting in a dangling pointer which can be abused to execute arbitrary code. Internet Explorer 7 is not affected.
• http://osvdb.org/54951 http://www.securityfocus.com/archive/1/504208/100/0/threaded http://www.securitytracker.com/id?1022350 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1538 http://www.zerodayinitiative.com/advisories/ZDI-09-041 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6244
• CWE-787: Out-of-bounds Write
CVE-2008-6819
https://notcve.org/view.php?id=CVE-2008-6819
win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possibly a race condition between threads, a different vulnerability than CVE-2008-1084. NOTE: some of these details are obtained from third party information.
• http://bugtraq.ru/cgi-bin/forum.mcgi?type=sb&b=2&m=152274 http://www.securityfocus.com/bid/35121 http://www.securityfocus.com/data/vulnerabilities/exploits/35121.c
• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2009-1537
https://notcve.org/view.php?id=CVE-2009-1537
Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka "DirectX NULL Byte Overwrite Vulnerability."
• http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx http://isc.sans.org/diary.html?storyid=6481 http://osvdb.org/54797 http://secunia.com/advisories/35268 http://www.microsoft.com/technet/security/advisory/971778.mspx http://www.securityfocus.com/bid/35139 http://www.securitytracker.com/id?1022299 http://www.us
CVE-2009-0551
https://notcve.org/view.php?id=CVE-2009-0551
Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP document, which allows remote attackers to execute arbitrary code via vectors involving (1) multiple crafted pages on a web site or (2) a web page with crafted inline content such as banner advertisements, aka "Page Transition Memory Corruption Vulnerability."
• http://osvdb.org/53624 http://secunia.com/advisories/34678 http://support.avaya.com/elmodocs2/security/ASA-2009-133.htm http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=871138 http://www.securitytracker.com/id?1022042 http://www.us-cert.gov/cas/techalerts/TA09-104A.html http://www.vupen.com/english/advisories/2009/1028 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre
• CWE-399: Resource Management Errors
CVE-2009-0084
https://notcve.org/view.php?id=CVE-2009-0084
Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression Vulnerability."
• http://osvdb.org/53632 http://secunia.com/advisories/34665 http://support.avaya.com/elmodocs2/security/ASA-2009-132.htm http://www.piotrbania.com/all/adv/ms-directx-mjpeg-adv.txt http://www.securityfocus.com/bid/34460 http://www.securitytracker.com/id?1022040 http://www.us-cert.gov/cas/techalerts/TA09-104A.html http://www.vupen.com/english/advisories/2009/1025 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-011 https://oval.cisecurity.org
• CWE-94: Improper Control of Generation of Code ('Code Injection')