ID CVE-2008-4261
Summary Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers to execute arbitrary code via crafted HTML tags that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp1:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp1:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*
CVSS
Base: 9.3 (as of 26-02-2019 - 14:04)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2011-12-05T04:00:32.324-05:00
class vulnerability
contributors
  • name Sudhir Gandhe
    organization Secure Elements, Inc.
  • name Pradeep R B
    organization SecPod Technologies
definition_extensions
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Internet Explorer 5.01 SP4 is installed
    oval oval:org.mitre.oval:def:325
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Windows XP SP2 or later is installed
    oval oval:org.mitre.oval:def:521
  • comment Microsoft Windows XP (x86) SP3 is installed
    oval oval:org.mitre.oval:def:5631
  • comment Microsoft Windows Server 2003 SP1 (x86) is installed
    oval oval:org.mitre.oval:def:565
  • comment Microsoft Windows XP Professional x64 Edition SP1 is installed
    oval oval:org.mitre.oval:def:720
  • comment Microsoft Windows Server 2003 SP1 for Itanium is installed
    oval oval:org.mitre.oval:def:1205
  • comment Microsoft Windows Server 2003 SP1 (x64) is installed
    oval oval:org.mitre.oval:def:4386
  • comment Microsoft Windows Server 2003 SP2 (x86) is installed
    oval oval:org.mitre.oval:def:1935
  • comment Microsoft Windows XP x64 Edition SP2 is installed
    oval oval:org.mitre.oval:def:4193
  • comment Microsoft Windows Server 2003 (ia64) SP2 is installed
    oval oval:org.mitre.oval:def:1442
  • comment Microsoft Windows Server 2003 SP2 (x64) is installed
    oval oval:org.mitre.oval:def:2161
description Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers to execute arbitrary code via crafted HTML tags that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
family windows
id oval:org.mitre.oval:def:5829
status accepted
submitted 2008-12-09T13:31:00
title HTML Rendering Memory Corruption Vulnerability
version 68
refmap via4
cert TA08-344A
idefense 20081209 Microsoft Internet Explorer HTML Tag Long File Name Extension Stack Buffer Overflow Vulnerability
ms MS08-073
sectrack 1021371
vupen ADV-2008-3385
saint via4
bid 32595
description Internet Explorer embed tag src extension buffer overflow
id win_patch_ie_v5,win_patch_ie_v6
osvdb 50610
title ie_embed_src_ext
type client
Last major update 26-02-2019 - 14:04
Published 10-12-2008 - 14:00
Back to Top