CVE-2008-0077

EPSS 37.2%

Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=661 http://marc.info/?l=bugtraq&m=120361015026386&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010 http://secunia.com/advisories/28903 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5396 http://www.kb.cert.org/vuls/id/228569 http://www.securityfocus.com/archive/1/488048/100/0/threaded http://www.securityfocus.com/bid/27666 http://www.securitytracker.com/id?1019380 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0512/references http://www.zerodayinitiative.com/advisories/ZDI-08-006.html