CVE-2009-1544

HIGH Year: 2009
CVSS v3 Score
8.8
High
CVSS v2 Score
9.0
Critical
Weakness Type
CWE-399
View all →

Vulnerability Description

Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server 2008 Gold or SP2 system, aka "Workstation Service Memory Corruption Vulnerability."

Related Vulnerabilities

CVE-2009-0554

HIGH
CVSS:8.8(High)

Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote ...

CWE-3992009

CVE-2010-0047

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML obje...

CWE-3992010

CVE-2010-0048

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.

CWE-3992010

CVE-2012-4775

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."

CWE-3992012

CVE-2013-0090

HIGH
CVSS:8.8(High)

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Interne...

CWE-3992013

CVE-2016-1778

HIGH
CVSS:8.8(High)

WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

CWE-3992016