← back
CVE-2008-4800

CVE-2008-4800

EPSS 25.8%
The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in Microsoft Debug Diagnostic Tool allows remote attackers to cause a denial of service (NULL pointer dereference and Internet Explorer 6.0 crash) via a large negative integer argument to the GetEntryPointForThread method. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/32550unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://securityreason.com/securityalert/4532https://exchange.xforce.ibmcloud.com/vulnerabilities/46309http://www.securityfocus.com/archive/1/497943/100/0/threadedhttp://www.securityfocus.com/bid/31996