Vulnerabilities > CVE-2008-4299 - Numeric Errors vulnerability in Microsoft Internet Authentication Service Helper COM Component
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
A certain ActiveX control in the Microsoft Internet Authentication Service (IAS) Helper COM Component in iashlpr.dll allows remote attackers to cause a denial of service (browser crash) via a large integer value in the first argument to the PutProperty method. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |