| Affected: |  | MICROSOFT : Windows 2000 Server |
| | | MICROSOFT : Windows 2000 Professional |
| | | MICROSOFT : Windows XP |
| | | MICROSOFT : Windows 2003 Server |
| | | MICROSOFT : Windows Vista |
| | | MICROSOFT : Windows 2008 Server |
| CVE: |  | CVE-2008-4261 (Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers to execute arbitrary code via crafted HTML tags that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability.") |
| | | CVE-2008-4260 (Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability.") |
| | | CVE-2008-4259 (Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, related to a WebDAV request for a file with a long name, aka "HTML Objects Memory Corruption Vulnerability.") |
| | | CVE-2008-4258 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to navigation methods, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Parameter Validation Memory Corruption Vulnerability.") |
