CVE-2008-4127Infinite Loop in Microsoft Internet Explorer

CWE-3992 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
23.6%
top 3.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedSep 18
Latest updateMay 2

Description

Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the CDwnTaskExec::ThreadExec function.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDmicrosoft/internet_explorer7.0.5730, 8.0.6001+1

🔴Vulnerability Details

1
GHSA
GHSA-27x4-2pj4-vg94: Mshtml2022-05-02
CVE-2008-4127 — Infinite Loop in Microsoft | cvebase