SecuritySpace - CVE-2009-1530

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID:	CVE-2009-1530
Description:	Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which triggers an access of an object that (1) was not properly initialized or (2) is deleted, aka "HTML Objects Memory Corruption Vulnerability."
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1530 Bugtraq: 20090610 ZDI-09-038: Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504209/100/0/threaded Cert/CC Advisory: TA09-160A http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.zerodayinitiative.com/advisories/ZDI-09-038 Microsoft Security Bulletin: MS09-019 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-019 http://osvdb.org/54949 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6294 http://www.securitytracker.com/id?1022350 http://www.vupen.com/english/advisories/2009/1538