Buffer overflow in Microsoft Ie

CVE-2009-2433

Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument.

Vulnerability class: Buffer Overflow

EPSS: 0.189 (96.9th percentile) — read the EPSS interpretation.

Affected products

Microsoft Ie — versions 8.0b
Microsoft Internet_explorer — versions 7, 7.0, 7.0.5730
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (signature, x_refsource_OVAL, vdb-entry)
cve@mitre.org (exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (vdb-entry, x_refsource_BID)