2009-2500 | Microsoft Internet Explorer numeric error (BID-36619 / XFDB-53533)
|CVSS Meta Temp Score||Current Exploit Price (≈)||CTI Interest Score|
A vulnerability was found in Microsoft Internet Explorer 6 (Web Browser). It has been classified as very critical. CWE is classifying the issue as CWE-189. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka “GDI+ WMF Integer Overflow Vulnerability.”
The weakness was presented 10/14/2009 (Website). The advisory is shared at us-cert.gov. This vulnerability is uniquely identified as CVE-2009-2500 since 07/17/2009. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. It demands that the victim is doing some kind of user interaction. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 08/23/2021). It is expected to see the exploit prices for this product decreasing in the near future.
The vulnerability scanner Nessus provides a plugin with the ID 72908 (MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) (uncredentialed check)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows. The commercial vulnerability scanner Qualys is able to test this issue with plugin 90551 (Microsoft Windows GDI+ Remote Code Execution Vulnerability (MS09-062)).
Upgrading eliminates this vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 8641.
VulDB Meta Base Score: 9.6
VulDB Meta Temp Score: 9.2
NVD Base Score: 🔍
Status: Not defined
0-Day Time: 🔍
Status: Not defined
Vulnerability Center: 23747 – [MS09-062] Microsoft GDI+ Integer Overflow Remote Code Execution via a WMF Image File, Critical
See also: 🔍
Download the whitepaper to learn more about our service!