Published: 10/07/2009 Updated: 23/07/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote malicious users to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 8.0.6001
microsoft internet explorer 7.0
microsoft internet explorer 7
microsoft internet explorer 7.0.5730.11
microsoft internet explorer 7.00.6000.16441
microsoft internet explorer 7.0.5730
microsoft ie 8.0b
microsoft internet explorer 7.00.5730.1100
microsoft internet explorer 7.00.6000.16386

-------------------------------------------> IE Add Favourites Stack Buffer Overflow POC Sberry, Compaq -------------------------------------------> <html> <head> <script language="JavaScript" type="Text/Javascript"> function go() { var str =unescape('%u4141'); var finalstr = createInlineBuffer(str, 5150000); var len = ...

CWE-119 http://www.securityfocus.com/bid/35620 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12829 http://www.exploit-db.com/exploits/9100 https://nvd.nist.gov https://www.exploit-db.com/exploits/9100/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-2433

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect