Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly synchronize AJAX requests, which allows allows remote attackers to execute arbitrary code via a large number of concurrent, asynchronous XMLHttpRequest calls, aka "HTML Object Memory Corruption Vulnerability."
2009-06-10T18:30:00.453
2025-04-09T00:30:58.490
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | microsoft | internet_explorer | 6 | Yes |
Operating System | microsoft | windows_server_2003 | * | No |
Operating System | microsoft | windows_server_2003 | * | No |
Operating System | microsoft | windows_server_2003 | * | No |
Operating System | microsoft | windows_server_2003 | * | No |
Operating System | microsoft | windows_xp | * | No |
Operating System | microsoft | windows_xp | * | No |
Operating System | microsoft | windows_xp | * | No |
Operating System | microsoft | windows_xp | * | No |
Application | microsoft | internet_explorer | 7 | Yes |
Operating System | microsoft | windows_server_2003 | * | No |
Operating System | microsoft | windows_server_2003 | * | No |
Operating System | microsoft | windows_server_2003 | * | No |
Operating System | microsoft | windows_server_2003 | * | No |
Operating System | microsoft | windows_server_2008 | * | No |
Operating System | microsoft | windows_server_2008 | * | No |
Operating System | microsoft | windows_server_2008 | * | No |
Operating System | microsoft | windows_server_2008 | * | No |
Operating System | microsoft | windows_vista | * | No |
Operating System | microsoft | windows_vista | * | No |
Operating System | microsoft | windows_vista | * | No |
Operating System | microsoft | windows_vista | gold | No |
Operating System | microsoft | windows_xp | * | No |
Operating System | microsoft | windows_xp | * | No |
Operating System | microsoft | windows_xp | * | No |
Operating System | microsoft | windows_xp | * | No |