CVE-2009-1209

W3 Amaya - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute.

Exploits (3)

exploitdb WORKING POC VERIFIED

by His0k4 · pythonremotewindows

https://www.exploit-db.com/exploits/9330

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Encrypt3d.M!nd · pythonremotewindows

https://www.exploit-db.com/exploits/8321

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Alfons Luja · phpdoswindows

https://www.exploit-db.com/exploits/8314

View Code ZIP pw:eip

References (6)

[Vendor Advisory] http://secunia.com/advisories/34531

[Exploit] http://www.securityfocus.com/bid/34295

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/47399

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/8314

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/8321

[Third Party Advisory] http://www.vupen.com/english/advisories/2009/0889

Scores

EPSS 0.2930

EPSS Percentile 96.5%

Classification

CWE

CWE-119

Status draft

Affected Products (1)

w3/amaya

Timeline

Published Apr 01, 2009

Tracked Since Feb 18, 2026