CVE-2008-4261Out-of-bounds Write in Microsoft Internet Explorer

CWE-3992 documents2 sources
Severity
9.3CRITICALNVD
EPSS
64.4%
top 1.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedDec 10
Latest updateMay 2

Description

Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers to execute arbitrary code via crafted HTML tags that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/internet_explorer5.01, 6, 7+2

🔴Vulnerability Details

1
GHSA
GHSA-6xgc-7p5v-c5hp: Stack-based buffer overflow in Microsoft Internet Explorer 52022-05-02
CVE-2008-4261 — Out-of-bounds Write in Microsoft | cvebase