Published: 15/10/2008 Updated: 08/02/2024

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote malicious users to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet_explorer 5.01
microsoft internet_explorer 6
microsoft internet_explorer 7.0

CWE-908 http://www.securitytracker.com/id?1021047 http://www.securityfocus.com/bid/31617 http://www.us-cert.gov/cas/techalerts/TA08-288A.html http://marc.info/?l=bugtraq&m=122479227205998&w=2 http://www.zerodayinitiative.com/advisories/ZDI-08-069/http://ifsec.blogspot.com/2008/10/internet-explorer-6-componentfrompoint.html http://www.vupen.com/english/advisories/2008/2809 https://exchange.xforce.ibmcloud.com/vulnerabilities/45565 https://exchange.xforce.ibmcloud.com/vulnerabilities/45563 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13151 http://www.securityfocus.com/archive/1/497380/100/0/threaded https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-058 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-3475

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect