CVE-2008-4844

2008-12-1115:30:00

CWE-399

microsoft

web.nvd.nist.gov

163

cve-2008-4844

use-after-free

mshtml.dll

internet explorer

remote code execution

dso bindings

xml island

xml dsos

tabular data control

tdc

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

High

EPSS

0.971

Percentile

99.8%

JSON

Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2) XML DSOs, or (3) Tabular Data Control (TDC) in a crafted HTML or XML document, as demonstrated by nested SPAN or MARQUEE elements, and exploited in the wild in December 2008.

Affected configurations

Nvd

Node

microsoftinternet_explorerMatch5.01

microsoftinternet_explorerMatch6

microsoftinternet_explorerMatch6sp1

microsoftinternet_explorerMatch7

VendorProductVersionCPE
microsoftinternet_explorer5.01cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
microsoftinternet_explorer6cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
microsoftinternet_explorer6cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
microsoftinternet_explorer7cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	internet_explorer	5.01	cpe:2.3:a:microsoft:internet_explorer:5.01:::::::*
microsoft	internet_explorer	6	cpe:2.3:a:microsoft:internet_explorer:6:::::::*
microsoft	internet_explorer	6	cpe:2.3:a:microsoft:internet_explorer:6:sp1::::::
microsoft	internet_explorer	7	cpe:2.3:a:microsoft:internet_explorer:7:::::::*