CVE

Id
39942  
CVE No.
CVE-2009-2507  
Status
Candidate  
Description
A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory Corruption in Indexing Service Vulnerability."  
Phase
Assigned (20090717)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
438994 39942 CVE-2009-2507 MS:MS09-057  View
438995 39942 CVE-2009-2507 URL:http://www.microsoft.com/technet/security/Bulletin/MS09-057.mspx  View
438996 39942 CVE-2009-2507 CERT:TA09-286A  View
438997 39942 CVE-2009-2507 URL:http://www.us-cert.gov/cas/techalerts/TA09-286A.html  View
438998 39942 CVE-2009-2507 OVAL:oval:org.mitre.oval:def:6042  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
41236 JVNDB-2009-002243 Microsoft Windows の CryptoAPI コンポーネントにおける整数オーバーフローの脆弱性 Microsoft Windows の CryptoAPI コンポーネントには、ASN.1 Object Identifier (OID) を持つ X.509 証明書の処理に不備があるため、任意の SSL サーバになりすまされる脆弱性が存在します。 CVE-2009-2511 39942 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002243.html  View