Vulnerabilities > CVE-2008-3475 - Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 5.01/6/7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 | |
OS | 14 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS08-058.NASL |
description | The remote host is missing the IE cumulative security update 956390. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 34403 |
published | 2008-10-15 |
reporter | This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/34403 |
title | MS08-058: Microsoft Internet Explorer Multiple Vulnerabilities (956390) |
code |
|
Oval
accepted | 2011-12-05T04:00:12.120-05:00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
description | Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability." | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:13151 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
submitted | 2011-10-25T13:27:14 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
title | Uninitialized Memory Corruption Vulnerability in Internet Explorer | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
version | 71 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 31617 CVE(CAN) ID: CVE-2008-3475 Internet Explorer是Windows操作系统中默认捆绑的WEB浏览器。 Internet Explorer在实现暴露给JavaScript的componentFromPoint()时允许特定的对象任意控制内存访问。攻击者可以通过构建特制的网页来利用该漏洞,当用户查看网页时,该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 临时解决方法: * 将Internet Explorer配置为在Internet和本地Intranet安全区域中运行ActiveX控件之前进行提示。 * 将Internet和本地Intranet安全区域设置设为“高”,以便在这些区域中运行ActiveX控件和活动脚本之前进行提示。 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS08-058)以及相应补丁: MS08-058:Cumulative Security Update for Internet Explorer (956390) 链接:<a href=http://www.microsoft.com/technet/security/Bulletin/MS08-058.mspx?pf=true target=_blank>http://www.microsoft.com/technet/security/Bulletin/MS08-058.mspx?pf=true</a> |
id | SSV:4253 |
last seen | 2017-11-19 |
modified | 2008-10-16 |
published | 2008-10-16 |
reporter | Root |
title | Microsoft IE componentFromPoint内存破坏漏洞(MS08-058) |
References
- http://ifsec.blogspot.com/2008/10/internet-explorer-6-componentfrompoint.html
- http://ifsec.blogspot.com/2008/10/internet-explorer-6-componentfrompoint.html
- http://marc.info/?l=bugtraq&m=122479227205998&w=2
- http://marc.info/?l=bugtraq&m=122479227205998&w=2
- http://marc.info/?l=bugtraq&m=122479227205998&w=2
- http://marc.info/?l=bugtraq&m=122479227205998&w=2
- http://www.securityfocus.com/archive/1/497380/100/0/threaded
- http://www.securityfocus.com/archive/1/497380/100/0/threaded
- http://www.securityfocus.com/bid/31617
- http://www.securityfocus.com/bid/31617
- http://www.securitytracker.com/id?1021047
- http://www.securitytracker.com/id?1021047
- http://www.us-cert.gov/cas/techalerts/TA08-288A.html
- http://www.us-cert.gov/cas/techalerts/TA08-288A.html
- http://www.vupen.com/english/advisories/2008/2809
- http://www.vupen.com/english/advisories/2008/2809
- http://www.zerodayinitiative.com/advisories/ZDI-08-069/
- http://www.zerodayinitiative.com/advisories/ZDI-08-069/
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-058
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-058
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45563
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45563
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45565
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45565
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13151
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13151