CVE-2009-1528

CVE-2009-1528 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Microsoft Internet Explorer 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not properly synchronize AJAX requests, which allows allows remote attackers to execute arbitrary code via a large number of concurrent, asynchronous XMLHttpRequest calls, aka "HTML Object Memory Corruption Vulnerability."

Learn more about our Cis Benchmark Audit For Server Software.