Vulnerabilities > CVE-2008-0077 - Use After Free vulnerability in Microsoft Internet Explorer 6/7
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 | |
OS | 13 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS08-010.NASL |
description | The remote host is missing the IE cumulative security update 944533. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 31044 |
published | 2008-02-12 |
reporter | This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/31044 |
title | MS08-010: Cumulative Security Update for Internet Explorer (944533) |
code |
|
Oval
accepted | 2014-08-25T04:01:50.742-04:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
description | Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:5396 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
submitted | 2008-02-13T10:19:01 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
title | Property Memory Corruption Vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
version | 79 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 27666 CVE(CAN) ID: CVE-2008-0077 Internet Explorer是微软发布的非常流行的WEB浏览器。 Microsoft IE在处理属性元素时存在漏洞,远程攻击者可能利用此漏洞控制用户系统。 IE没有正确地处理,如果为该属性分配了其他DOM元素的话,则在释放Variant数据类型期间就会触发内存破坏,导致覆盖虚拟函数地址。如果用户受骗访问了恶意网页的话,就可以触发这个漏洞,导致执行任意指令。 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 临时解决方法: * 配置Internet Explorer在运行活动脚本之前提示,或在Internet和本地intranet安全区中禁用活动脚本。 * 将Internet和本地intranet安全区设置为“高”以便在这些区中运行ActiveX控件和活动脚本之前提示。 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS08-010)以及相应补丁: MS08-010:Cumulative Security Update for Internet Explorer (944533) 链接:<a href=http://www.microsoft.com/technet/security/Bulletin/MS08-010.mspx?pf=true target=_blank>http://www.microsoft.com/technet/security/Bulletin/MS08-010.mspx?pf=true</a> |
id | SSV:2895 |
last seen | 2017-11-19 |
modified | 2008-02-20 |
published | 2008-02-20 |
reporter | Root |
title | Microsoft IE属性方式远程内存破坏漏洞(MS08-010) |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=661
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=661
- http://marc.info/?l=bugtraq&m=120361015026386&w=2
- http://marc.info/?l=bugtraq&m=120361015026386&w=2
- http://marc.info/?l=bugtraq&m=120361015026386&w=2
- http://marc.info/?l=bugtraq&m=120361015026386&w=2
- http://secunia.com/advisories/28903
- http://secunia.com/advisories/28903
- http://www.kb.cert.org/vuls/id/228569
- http://www.kb.cert.org/vuls/id/228569
- http://www.securityfocus.com/archive/1/488048/100/0/threaded
- http://www.securityfocus.com/archive/1/488048/100/0/threaded
- http://www.securityfocus.com/bid/27666
- http://www.securityfocus.com/bid/27666
- http://www.securitytracker.com/id?1019380
- http://www.securitytracker.com/id?1019380
- http://www.us-cert.gov/cas/techalerts/TA08-043C.html
- http://www.us-cert.gov/cas/techalerts/TA08-043C.html
- http://www.vupen.com/english/advisories/2008/0512/references
- http://www.vupen.com/english/advisories/2008/0512/references
- http://www.zerodayinitiative.com/advisories/ZDI-08-006.html
- http://www.zerodayinitiative.com/advisories/ZDI-08-006.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5396
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5396