CVE-2009-2576
First published: Wed Jul 22 2009(Updated: )
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Internet Explorer | =5.0 | |
| Microsoft Internet Explorer | =5.0 | |
| Microsoft Internet Explorer | =5.2.3 | |
| Microsoft Internet Explorer | =4.0 | |
| Microsoft Internet Explorer | =5.0.1 | |
| Microsoft Internet Explorer | =6 | |
| Microsoft Internet Explorer | =5.1 | |
| Microsoft Internet Explorer | =3.0 | |
| Microsoft Internet Explorer | ||
| Microsoft Internet Explorer | =5.0 | |
| Microsoft Internet Explorer | =5.22 | |
| Internet Explorer | =5 | |
| Microsoft Internet Explorer | =4.x | |
| Microsoft Internet Explorer | =4.0.1 | |
| Microsoft Internet Explorer | =5.0 | |
| Internet Explorer | =6-sp1 | |
| Microsoft Internet Explorer | =6-sp1 | |
| Microsoft Internet Explorer | =5.0_ta3 | |
| Microsoft Internet Explorer | =4.0.1 | |
| Internet Explorer | <=6.0.2900.2180 | |
| Microsoft Internet Explorer | =6 | |
| Microsoft Internet Explorer | =4.5 | |
| Microsoft Internet Explorer | =4.5 | |
| Microsoft Internet Explorer | =5.1.1 | |
| Microsoft Internet Explorer | =2.0 | |
| Microsoft Internet Explorer | =4.0 | |
| Microsoft Internet Explorer | =2.0_beta | |
| Microsoft Internet Explorer | =6-sp1 | |
| Microsoft Internet Explorer | =4.0.1 | |
| Microsoft Internet Explorer | =6-sp1 | |
| Microsoft Internet Explorer | =5.0.1 | |
| Microsoft Internet Explorer | =3.1 | |
| Microsoft Internet Explorer | ||
| Microsoft Internet Explorer | =5.x | |
| Microsoft Internet Explorer | =5.0.1 | |
| Microsoft Internet Explorer | =5.0.1 | |
| Microsoft Internet Explorer | =5.0 | |
| Microsoft Internet Explorer | =4.0a | |
| Microsoft Internet Explorer | =5.0-sp4 | |
| Microsoft Internet Explorer | =4.1 | |
| Microsoft Internet Explorer | =5.2.3 | |
| Microsoft Internet Explorer | =6 | |
| Microsoft Internet Explorer | =5.0-sp1 | |
| Microsoft Internet Explorer | =5.01 | |
| Microsoft Internet Explorer | =3.01 | |
| Microsoft Internet Explorer | =4.0 | |
| Microsoft Internet Explorer | =5.0 | |
| Microsoft Internet Explorer | =4.0 | |
| Microsoft Internet Explorer | =5.1 | |
| Microsoft Internet Explorer | =4.1 | |
| Microsoft Internet Explorer | =5 | |
| Internet Explorer | =6 | |
| Microsoft Internet Explorer | =5.1.7 | |
| Microsoft Internet Explorer | =6-sp1 | |
| Microsoft Internet Explorer | =5.2 | |
| Microsoft Internet Explorer | =5.0 | |
| Internet Explorer | =5.01 | |
| Microsoft Internet Explorer | =4.0-a | |
| Microsoft Internet Explorer | =4.0.1 | |
| Microsoft Internet Explorer | =3.0.1 | |
| Microsoft Internet Explorer | =6-sp1 | |
| Microsoft Internet Explorer | =6 | |
| Microsoft Internet Explorer | =3.0 | |
| Microsoft Internet Explorer | =4.1 | |
| Internet Explorer | =5.01-sp3 | |
| Internet Explorer | =5.5-sp2 | |
| Internet Explorer | =3.0.1 | |
| Internet Explorer | =3.0.2 | |
| Internet Explorer | =3.0 | |
| Internet Explorer | =3.1 | |
| Internet Explorer | =3.2 | |
| Internet Explorer | =4.0 | |
| Internet Explorer | =4.0.1 | |
| Internet Explorer | =4.0.1-sp2 | |
| Internet Explorer | =4.0.1-sp1 | |
| Internet Explorer | =4.01 | |
| Internet Explorer | =4.01-sp1 | |
| Internet Explorer | =4.1 | |
| Internet Explorer | =4.5 | |
| Internet Explorer | =4.40.308 | |
| Internet Explorer | =4.40.520 | |
| Internet Explorer | =4.70.1155 | |
| Internet Explorer | =4.70.1158 | |
| Internet Explorer | =4.70.1215 | |
| Internet Explorer | =4.70.1300 | |
| Internet Explorer | =4.72.3612.1713 | |
| Internet Explorer | =4.71.1008.3 | |
| Internet Explorer | =4.71.1712.6 | |
| Internet Explorer | =4.72.2106.8 | |
| Internet Explorer | =4.72.3110.8 | |
| Internet Explorer | =5.0 | |
| Internet Explorer | =5.0.1 | |
| Internet Explorer | =5.0.1-sp2 | |
| Internet Explorer | =5.0.1-sp4 | |
| Internet Explorer | =5.0.1-sp1 | |
| Internet Explorer | =5.00.0518.10 | |
| Internet Explorer | =5.00.0910.1309 | |
| Internet Explorer | =5.00.2014.0216 | |
| Internet Explorer | =5.00.2614.3500 | |
| Internet Explorer | =5.00.2516.1900 | |
| Internet Explorer | =5.00.2919.800 | |
| Internet Explorer | =5.00.2919.6307 | |
| Internet Explorer | =5.00.2920.0000 | |
| Internet Explorer | =5.00.3103.1000 | |
| Internet Explorer | =5.00.3105.0106 | |
| Internet Explorer | =5.00.3314.2101 | |
| Internet Explorer | =5.00.3315.1000 | |
| Internet Explorer | =5.00.3502.1000 | |
| Internet Explorer | =5.00.3700.1000 | |
| Internet Explorer | =5.50.3825.1300 | |
| Internet Explorer | =5.50.4030.2400 | |
| Internet Explorer | =5.50.4134.0100 | |
| Internet Explorer | =5.50.4134.0600 | |
| Internet Explorer | =5.50.4308.2900 | |
| Internet Explorer | =5.50.4522.1800 | |
| Internet Explorer | =5.50.4807.2300 | |
| Internet Explorer | =5.5 | |
| Internet Explorer | =5.01-sp1 | |
| Internet Explorer | =5.1 | |
| Internet Explorer | =5.2.3 | |
| Internet Explorer | =5.5-preview | |
| Internet Explorer | =5.5-sp1 | |
| Internet Explorer | =6.0.2600 | |
| Internet Explorer | =6.0 | |
| Internet Explorer | =6.0.2800 | |
| Internet Explorer | =6.0.2800.1106 | |
| Internet Explorer | =6.0.2900 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://websecurity.com.ua/3338/
- http://archives.neohapsis.com/archives/bugtraq/2009-07/0192.html
- http://archives.neohapsis.com/archives/bugtraq/2009-07/0193.html
- http://www.securityfocus.com/archive/1/505122/100/0/threaded
- http://www.securityfocus.com/archive/1/505120/100/0/threaded
- http://www.securityfocus.com/archive/1/505092/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2009-2576?
CVE-2009-2576 is classified as a denial of service vulnerability affecting Microsoft Internet Explorer.
How do I fix CVE-2009-2576?
To fix CVE-2009-2576, users should update to the latest version of Microsoft Internet Explorer available at the time.
What versions of Internet Explorer are affected by CVE-2009-2576?
CVE-2009-2576 affects Microsoft Internet Explorer versions 6.0.2900.2180 and earlier, as well as certain earlier versions of Internet Explorer 7.
What is the attack vector for CVE-2009-2576?
The attack vector for CVE-2009-2576 involves sending a long Unicode string argument to the write method, leading to denial of service.
Is there a workaround for CVE-2009-2576?
A workaround for CVE-2009-2576 is to avoid using Microsoft Internet Explorer versions known to be affected until an update is applied.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- collector/nvd-historical
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft internet explorer
- version/microsoft internet explorer/5.0
- version/microsoft internet explorer/5.2.3
- version/microsoft internet explorer/4.0
- version/microsoft internet explorer/5.0.1
- version/microsoft internet explorer/6
- version/microsoft internet explorer/5.1
- version/microsoft internet explorer/3.0
- version/microsoft internet explorer/5.22
- canonical/internet explorer
- version/internet explorer/5
- version/microsoft internet explorer/4.x
- version/microsoft internet explorer/4.0.1
- version/internet explorer/6-sp1
- version/microsoft internet explorer/6-sp1
- version/microsoft internet explorer/5.0_ta3
- version/internet explorer/6.0.2900.2180
- version/microsoft internet explorer/4.5
- version/microsoft internet explorer/5.1.1
- version/microsoft internet explorer/2.0
- version/microsoft internet explorer/2.0_beta
- version/microsoft internet explorer/3.1
- version/microsoft internet explorer/5.x
- version/microsoft internet explorer/4.0a
- version/microsoft internet explorer/5.0-sp4
- version/microsoft internet explorer/4.1
- version/microsoft internet explorer/5.0-sp1
- version/microsoft internet explorer/5.01
- version/microsoft internet explorer/3.01
- version/microsoft internet explorer/5
- version/internet explorer/6
- version/microsoft internet explorer/5.1.7
- version/microsoft internet explorer/5.2
- version/internet explorer/5.01
- version/microsoft internet explorer/4.0-a
- version/microsoft internet explorer/3.0.1
- version/internet explorer/5.01-sp3
- version/internet explorer/5.5-sp2
- version/internet explorer/3.0.1
- version/internet explorer/3.0.2
- version/internet explorer/3.0
- version/internet explorer/3.1
- version/internet explorer/3.2
- version/internet explorer/4.0
- version/internet explorer/4.0.1
- version/internet explorer/4.0.1-sp2
- version/internet explorer/4.0.1-sp1
- version/internet explorer/4.01
- version/internet explorer/4.01-sp1
- version/internet explorer/4.1
- version/internet explorer/4.5
- version/internet explorer/4.40.308
- version/internet explorer/4.40.520
- version/internet explorer/4.70.1155
- version/internet explorer/4.70.1158
- version/internet explorer/4.70.1215
- version/internet explorer/4.70.1300
- version/internet explorer/4.72.3612.1713
- version/internet explorer/4.71.1008.3
- version/internet explorer/4.71.1712.6
- version/internet explorer/4.72.2106.8
- version/internet explorer/4.72.3110.8
- version/internet explorer/5.0
- version/internet explorer/5.0.1
- version/internet explorer/5.0.1-sp2
- version/internet explorer/5.0.1-sp4
- version/internet explorer/5.0.1-sp1
- version/internet explorer/5.00.0518.10
- version/internet explorer/5.00.0910.1309
- version/internet explorer/5.00.2014.0216
- version/internet explorer/5.00.2614.3500
- version/internet explorer/5.00.2516.1900
- version/internet explorer/5.00.2919.800
- version/internet explorer/5.00.2919.6307
- version/internet explorer/5.00.2920.0000
- version/internet explorer/5.00.3103.1000
- version/internet explorer/5.00.3105.0106
- version/internet explorer/5.00.3314.2101
- version/internet explorer/5.00.3315.1000
- version/internet explorer/5.00.3502.1000
- version/internet explorer/5.00.3700.1000
- version/internet explorer/5.50.3825.1300
- version/internet explorer/5.50.4030.2400
- version/internet explorer/5.50.4134.0100
- version/internet explorer/5.50.4134.0600
- version/internet explorer/5.50.4308.2900
- version/internet explorer/5.50.4522.1800
- version/internet explorer/5.50.4807.2300
- version/internet explorer/5.5
- version/internet explorer/5.01-sp1
- version/internet explorer/5.1
- version/internet explorer/5.2.3
- version/internet explorer/5.5-preview
- version/internet explorer/5.5-sp1
- version/internet explorer/6.0.2600
- version/internet explorer/6.0
- version/internet explorer/6.0.2800
- version/internet explorer/6.0.2800.1106
- version/internet explorer/6.0.2900