CVE-2009-2519 Information

Description

The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4 XP SP2 and SP3 and Server 2003 SP2 does not properly format HTML markup which allows remote attackers to execute arbitrary code via a crafted web site that triggers \system state\ corruption aka \DHTML Editing Component ActiveX Control Vulnerability.\

Reference

http://secunia.com/advisories/36592 http://www.securityfocus.com/bid/36280 http://www.securitytracker.com/id?1022843 http://www.us-cert.gov/cas/techalerts/TA09-251A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-046 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6271