CVE Vulnerability

CVE-2008-0077

Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."

9.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.us-cert.gov/cas/techalerts/TA08-043C.html US Government Resource
http://www.securityfocus.com/bid/27666
http://www.securitytracker.com/id?1019380
http://secunia.com/advisories/28903 Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=661
http://www.zerodayinitiative.com/advisories/ZDI-08-006.html
http://www.kb.cert.org/vuls/id/228569 US Government Resource
http://marc.info/?l=bugtraq&m=120361015026386&w=2
http://www.vupen.com/english/advisories/2008/0512/references Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5396
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010
http://www.securityfocus.com/archive/1/488048/100/0/threaded
Configurations

Configuration 1
Information

Published : 2008-02-12 11:00

Updated : 2021-07-23 03:04

NVD link : CVE-2008-0077

Mitre link : CVE-2008-0077

Products Affected
No products.
CWE
CWE-416