QwikSec

Security Database

CVE

CWE

Training

CVE-2008-2258

Published: Aug 13, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions ... performed on" document objects, aka "HTML Objects Memory Corruption Vulnerability" or "Table Layout Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2257.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20080812 ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_VUPEN

http://www.zerodayinitiative.com/advisories/ZDI-08-051/

x_refsource_MISC

third-party-advisory

x_refsource_CERT

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_HP

oval:org.mitre.oval:def:6025

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_MS

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.