CVE-2009-1132
Windows Vista and Server 2008 - Remote Code Execution via Malformed Wireless Frame
Title source: llmDescription
Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless Frame Parsing Remote Code Execution Vulnerability."
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6389
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA09-251A.html
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-049
Scores
EPSS
0.2705
EPSS Percentile
97.8%
Details
CWE
CWE-119
Status
published
Products (2)
microsoft/windows_server_2008
(4 CPE variants)
microsoft/windows_vista
(6 CPE variants)
Published
Sep 08, 2009
Tracked Since
Feb 18, 2026