What is the severity of CVE-2009-3674?

CVE-2009-3674 has a critical severity rating as it allows remote attackers to execute arbitrary code.

How do I fix CVE-2009-3674?

To fix CVE-2009-3674, users should ensure their Internet Explorer is updated to the latest version provided by Microsoft.

Which versions of Internet Explorer are affected by CVE-2009-3674?

CVE-2009-3674 affects Internet Explorer versions 5.0.1, 6, 7, and 8 on various Windows operating systems.

What type of vulnerability is CVE-2009-3674?

CVE-2009-3674 is classified as an Uninitialized Memory Corruption vulnerability.

What are the potential consequences of CVE-2009-3674?

The exploitation of CVE-2009-3674 can lead to memory corruption, allowing attackers to execute arbitrary code on the affected system.

Vulnerability/
CVE-2009-3674

critical

9.3

CWE

399

9/12/2009

7/8/2024

CVE-2009-3674

First published: Wed Dec 09 2009(Updated: )

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671.

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
All of
Internet Explorer	=5.0.1-sp4
Microsoft Windows 2000	=sp4
All of
Internet Explorer	=6-sp1
Microsoft Windows 2000	=sp4
All of
Internet Explorer	=6
Any of
Microsoft Windows Server 2003	=sp2
Microsoft Windows XP	=sp2
Microsoft Windows XP	=sp3
Microsoft Windows XP	=sp2
All of
Internet Explorer	=7
Any of
Microsoft Windows Server 2003	=sp2
Microsoft Windows Server 2008 Itanium
Microsoft Windows Server 2008 Itanium
Microsoft Windows Server 2008 Itanium
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Vista
Microsoft Windows Vista	=sp1
Microsoft Windows Vista	=sp2
Microsoft Windows XP	=sp2
Microsoft Windows XP	=sp2
Microsoft Windows XP	=sp3
All of
Internet Explorer	=8
Any of
Microsoft Windows 7
Microsoft Windows Server 2003	=sp2
Microsoft Windows Server 2008 Itanium
Microsoft Windows Server 2008 Itanium
Microsoft Windows Server 2008 Itanium	=r2
Microsoft Windows Server 2008 Itanium	=r2
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Vista
Microsoft Windows Vista	=sp1
Microsoft Windows Vista	=sp2
Microsoft Windows XP	=sp2
Microsoft Windows XP	=sp3
Internet Explorer	=5.0.1-sp4
Microsoft Windows 2000	=sp4
Internet Explorer	=6-sp1
Internet Explorer	=6
Microsoft Windows Server 2003	=sp2
Microsoft Windows XP	=sp2
Microsoft Windows XP	=sp3
Microsoft Windows XP	=sp2
Internet Explorer	=7
Microsoft Windows Server 2008 Itanium
Microsoft Windows Server 2008 Itanium
Microsoft Windows Server 2008 Itanium
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Server 2008 Itanium	=sp2
Microsoft Windows Vista
Microsoft Windows Vista	=sp1
Microsoft Windows Vista	=sp1
Microsoft Windows Vista	=sp2
Microsoft Windows Vista	=sp2
Microsoft Windows XP	=sp2
Internet Explorer	=8
Microsoft Windows 7
Microsoft Windows Server 2008 Itanium	=r2
Microsoft Windows Server 2008 Itanium	=r2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-3674?
CVE-2009-3674 has a critical severity rating as it allows remote attackers to execute arbitrary code.
How do I fix CVE-2009-3674?
To fix CVE-2009-3674, users should ensure their Internet Explorer is updated to the latest version provided by Microsoft.
Which versions of Internet Explorer are affected by CVE-2009-3674?
CVE-2009-3674 affects Internet Explorer versions 5.0.1, 6, 7, and 8 on various Windows operating systems.
What type of vulnerability is CVE-2009-3674?
CVE-2009-3674 is classified as an Uninitialized Memory Corruption vulnerability.
What are the potential consequences of CVE-2009-3674?
The exploitation of CVE-2009-3674 can lead to memory corruption, allowing attackers to execute arbitrary code on the affected system.

collector/nvd-historical
agent/type
agent/references
agent/author
agent/weakness
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-api
agent/software-canonical-lookup-request
collector/nvd-index
vendor/microsoft
canonical/internet explorer
version/internet explorer/5.0.1-sp4
canonical/microsoft windows 2000
version/microsoft windows 2000/sp4
version/internet explorer/6-sp1
version/internet explorer/6
canonical/microsoft windows server 2003
version/microsoft windows server 2003/sp2
canonical/microsoft windows xp
version/microsoft windows xp/sp2
version/microsoft windows xp/sp3
version/internet explorer/7
canonical/microsoft windows server 2008 itanium
version/microsoft windows server 2008 itanium/sp2
canonical/microsoft windows vista
version/microsoft windows vista/sp1
version/microsoft windows vista/sp2
version/internet explorer/8
canonical/microsoft windows 7
version/microsoft windows server 2008 itanium/r2

CVE-2009-3674

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-3674?

How do I fix CVE-2009-3674?

Which versions of Internet Explorer are affected by CVE-2009-3674?

What type of vulnerability is CVE-2009-3674?

What are the potential consequences of CVE-2009-3674?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2009-3674?

How do I fix CVE-2009-3674?

Which versions of Internet Explorer are affected by CVE-2009-3674?

What type of vulnerability is CVE-2009-3674?

What are the potential consequences of CVE-2009-3674?