CVE-2008-4260Out-of-bounds Write in Microsoft Internet Explorer

CWE-3992 documents2 sources
Severity
8.5HIGHNVD
EPSS
50.9%
top 2.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedDec 10
Latest updateMay 2

Description

Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 6.8 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.01, 6, 7+2

🔴Vulnerability Details

1
GHSA
GHSA-435q-7mpf-fcmp: Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTM2022-05-02
CVE-2008-4260 — Out-of-bounds Write in Microsoft | cvebase