exploitDog

CVE-2008-2257

Опубликовано: 13 авг. 2008

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption Vulnerability" or "XHTML Rendering Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2258.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:6:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.6787

Средний

9.3 Critical

CVSS2

Дефекты

CWE-399

Связанные уязвимости

GHSA-2c69-52h7-cm65

github

больше 3 лет назад

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption Vulnerability" or "XHTML Rendering Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2258.

EPSS

Процентиль: 99%

0.6787

Средний

9.3 Critical

CVSS2

Дефекты

CWE-399