New Search

Page Transition Memory Corruption Vulnerability

oval:org.mitre.oval:def:6164

Microsoft Internet Explorer 6 SP1 6 and 7 on Windows XP SP2 and SP3 6 and 7 on Windows Server 2003 SP1 and SP2 7 on Windows Vista Gold and SP1 and 7 on Windows Server 2008 does not properly handle transition errors in a request for one HTTP document followed by a request for a second HTTP document which allows remote attackers to execute arbitrary code via vectors involving (1) multiple crafted pages on a web site or (2) a web page with crafted inline content such as banner advertisements aka "Page Transition Memory Corruption Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
  • Microsoft Windows Vista
Class:
vulnerability
Reference(s):
  • CVE-2009-0551
Product(s):
  • Microsoft Internet Explorer