Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.02.2008
Published:13.02.2008
Source:
SecurityVulns ID:8673
Type:remote
Threat Level:
8/10
Description:Multiple memory corruptions.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
CVE:CVE-2008-0078
 CVE-2008-0077 (Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability.")
 CVE-2008-0076
 CVE-2007-4790 (Stack-based buffer overflow in a certain ActiveX control in FPOLE.OCX 6.0.8450.0 in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function.)
Original documentdocumentIDEFENSE, ZDI-08-006: Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability (13.02.2008)
 documentIDEFENSE, iDefense Security Advisory 02.12.08: Microsoft Internet Explorer Property Memory Corruption Vulnerability (13.02.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-010 - Critical Cumulative Security Update for Internet Explorer (944533) (12.02.2008)
Files:Microsoft Security Bulletin MS08-010 - Critical Cumulative Security Update for Internet Explorer (944533)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod