CVE-2009-3673
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2009-3673
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Microsoft Internet Explorer 7 and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft IE CSS竞争条件远程代码执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Internet Explorer是Windows操作系统中默认捆绑的WEB浏览器。 在CSS两个元素之间快速的反复点击切换可能触发竞争条件,导致调用悬浮指针,这可以通过heap spray进一步利用。攻击者可以通过构建特制的网页来利用该漏洞,当用户查看网页时,该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2009-3673
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2009-3673
Please Login to view more intelligence information
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-072vendor-advisoryx_refsource_MS
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6519vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2009-3673
Same Patch Batch · n/a · 2009-12-09 · 14 CVEs total
| CVE-2009-4239 | IBM InfoSphere Information Server Web控制台跨站脚本攻击漏洞 | |
| CVE-2009-4240 | IBM InfoSphere Information Server DataStage子系统多个缓冲区溢出漏洞 | |
| CVE-2009-0102 | Microsoft Project无效资源内存分配远程代码执行漏洞 | |
| CVE-2009-2505 | Microsoft Windows IAS服务远程内存破坏漏洞 | |
| CVE-2009-2506 | Microsoft写字板和Office文本转换器整数溢出漏洞 | |
| CVE-2009-2508 | Microsoft Windows Server Active Directory Federation Services信任管理漏洞 | |
| CVE-2009-2509 | Microsoft Windows Server Active Directory Federation ServicesIIS web服务器远程代码执行漏洞 | |
| CVE-2009-3671 | Microsoft Internet Explorer 资源管理错误漏洞 | |
| CVE-2009-3674 | Microsoft IE CAttrArray对象远程代码执行漏洞 | |
| CVE-2009-3675 | Microsoft Windows LSASS服务ISAKMP消息远程拒绝服务漏洞 | |
| CVE-2009-3677 | Microsoft Windows IAS服务MS-CHAP请求绕过认证漏洞 | |
| CVE-2009-4149 | CA service_desk WEB接口跨站脚本攻击漏洞 | |
| CVE-2009-3563 | NTP(Network Time Protocol)NTP模式7(MODE_PRIVATE)报文远程拒绝服务漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8248
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send
V. Comments for CVE-2009-3673
No comments yet