CVSS: 9.3EPSS: 58%CPEs: 5EXPL: 0CVE-2008-2255
https://notcve.org/view.php?id=CVE-2008-2255
Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, a different vulnerability than CVE-2008-2254, aka "HTML Object Memory Corruption Vulnerability." Microsoft Internet Explorer 5.01, 6 y 7 accede a memoria no inicializada, lo que permite a atacantes remotos provocar una denegación de servicio (caída) y ejecutar código de su elección mediante vectores desconocidos, una vulnerabilidad distinta a CVE-2008-2254, también conocida como "HTML Object Memory Corruption Vulnerability (Vulnerabilidad de Corrupción de Memoria de Objeto HTML)". • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31375 http://www.securitytracker.com/id?1020674 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2349 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5602 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 79%CPEs: 4EXPL: 0CVE-2008-2254
https://notcve.org/view.php?id=CVE-2008-2254
Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "HTML Object Memory Corruption Vulnerability." Internet Explorer de Microsoft versiones 6 y 7, accede a la memoria no inicializada, lo que permite a los atacantes remotos causar una denegación de servicio (bloqueo) y ejecutar código arbitrario por medio de vectores desconocidos, también se conoce como "HTML Object Memory Corruption Vulnerability". • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31375 http://www.securityfocus.com/bid/30614 http://www.securitytracker.com/id?1020674 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2349 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5820 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 73%CPEs: 4EXPL: 0CVE-2008-2259
https://notcve.org/view.php?id=CVE-2008-2259
Microsoft Internet Explorer 6 and 7 does not perform proper "argument validation" during print preview, which allows remote attackers to execute arbitrary code via unknown vectors, aka "HTML Component Handling Vulnerability." Microsoft Internet Explorer 6 y 7 no hace una "validación de argumentos" correcta durante la previsualización de la impresión, lo que permite a atacantes remotos ejecutar código de su elección mediante vectores desconocidos, también conocida como "HTML Component Handling Vulnerability (Vulnerabilidad de Gestión de Componentes HTML)". • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31375 http://www.securityfocus.com/bid/30612 http://www.securitytracker.com/id?1020674 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2349 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5913 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 91%CPEs: 5EXPL: 0CVE-2008-2256
https://notcve.org/view.php?id=CVE-2008-2256
Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uninitialized Memory Corruption Vulnerability." Microsoft Internet Explorer 5.01, 6 y 7 no gestiona correctamente objetos que han sido inicializados o borrados incorrectamente, lo que permite a atacantes remotos provocar una denegación de servicio (caída) y ejecutar código de su elección mediante vectores desconocidos, también conocido como "Uninitialized Memory Corruption Vulnerability (Vulnerabilidad de Corrupción de Memoria No Inicializada)". • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31375 http://www.securityfocus.com/bid/30611 http://www.securitytracker.com/id?1020674 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2349 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5366 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 82%CPEs: 5EXPL: 0CVE-2008-2258 – Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2008-2258
Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions ... performed on" document objects, aka "HTML Objects Memory Corruption Vulnerability" or "Table Layout Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2257. Internet Explorer de Microsoft versiones 5.01, 6 y 7, accede a la memoria no inicializada en determinadas condiciones, lo que permite a los atacantes remotos causar una denegación de servicio (bloqueo) y ejecutar código arbitrario por medio de vectores relacionados con un objeto de documento "appended in a specific order" con "particular functions ... performed on", también se conoce como "HTML Objects Memory Corruption Vulnerability" o "Table Layout Memory Corruption Vulnerability", una vulnerabilidad diferente de CVE-2008-2257. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects. When an object is appended in a specific order and particular functions are performed on these objects memory corruption occurs. • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31375 http://www.securityfocus.com/archive/1/495431/100/0/threaded http://www.securityfocus.com/bid/30610 http://www.securitytracker.com/id?1020674 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2349 http://www.zerodayinitiative.com/advisories/ZDI-08-051 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-045 https:/ • CWE-399: Resource Management Errors •