Cumulative Security Update For Internet Explorer (972260) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS09-034.

Impact

Specially crafted HTML page will let the attacker execute arbitrary codes in the context of the affected system and cause memory corruption. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/MS09-034

Insight

Multiple errors occur due to the way IE - handles memory objects, - handles table operations, - access a previously deleted object.

Affected

Microsoft Internet Explorer version 5.x/6.x/7.x/8.x

References

http://support.microsoft.com/kb/972260
http://technet.microsoft.com/en-us/security/bulletin/MS09-034

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1917, CVE-2009-1918, CVE-2009-1919

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Checks for MS HOTFIX for snmp buffer overruns
Microsoft .NET Framework Remote Code Execution Vulnerability (2706726)
Microsoft Wireless LAN AutoConfig Service Remote Code Execution Vulnerability (970710)
Buffer Overrun in Messenger Service (828035)
Internet Information Services (IIS) FTP Service Remote Code Execution Vulnerability (2489256)

Cumulative Security Update for Internet Explorer (972260)

Take action and discover your vulnerabilities