Back to search
CVE-2008-2257
Published: Aug 13, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption Vulnerability" or "XHTML Rendering Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2258.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2008-2349
vdb-entry
x_refsource_VUPEN
TA08-225A
third-party-advisory
x_refsource_CERT
30613
vdb-entry
x_refsource_BID
1020674
vdb-entry
x_refsource_SECTRACK
HPSBST02360
vendor-advisory
x_refsource_HP
SSRT080117
vendor-advisory
x_refsource_HP
MS08-045
vendor-advisory
x_refsource_MS
20080812 ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability
mailing-list
x_refsource_BUGTRAQ
http://www.zerodayinitiative.com/advisories/ZDI-08-050/
x_refsource_MISC
31375
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:5266
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now