Microsoft Internet Explorer Uninitialized Memory Corruption Code Execution Vulnerability

  Severity: CRITICAL
  CVE Identifier: CVE-2009-0553,MS09-014
  Advisory Date: JUL 21, 2015

  DESCRIPTION

Microsoft Internet Explorer 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1003428
  Trend Micro Deep Security DPI Rule Name: 1003428 - Microsoft Internet Explorer Uninitialized Memory Corruption Code Execution Vulnerability

  AFFECTED SOFTWARE AND VERSION

  • microsoft internet explorer