CVE-2009-0075
EXPLOITEDMicrosoft Internet Explorer 7 - Uninitialized Memory Corruption
Title source: llmDescription
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
Exploits (7)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16555
exploitdb
WORKING POC
VERIFIED
by webDEViL · htmlremotewindows
https://www.exploit-db.com/exploits/8082
exploitdb
WORKING POC
VERIFIED
by David Kennedy (ReL1K) · pythonremotewindows
https://www.exploit-db.com/exploits/8080
exploitdb
WORKING POC
VERIFIED
by Abysssec · htmlremotewindows
https://www.exploit-db.com/exploits/8079
exploitdb
WORKING POC
VERIFIED
by anonymous · htmldoswindows
https://www.exploit-db.com/exploits/8077
metasploit
WORKING POC
NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ms09_002_memory_corruption.rb
References (11)
Scores
EPSS
0.8693
EPSS Percentile
99.4%
Details
VulnCheck KEV
2010-05-01
CWE
CWE-399
Status
published
Products (1)
microsoft/internet_explorer
7
Published
Feb 10, 2009
Tracked Since
Feb 18, 2026