Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-4800
HistoryOct 31, 2008 - 12:00 a.m.

CVE-2008-4800

2008-10-3100:00:00
CWE-399
[email protected]
web.nvd.nist.gov
23
microsoft
debug diagnostic tool
activex
crashhangext.dll
cve-2008-4800
denial of service
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.085 Low

EPSS

Percentile

94.5%

JSON

The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in Microsoft Debug Diagnostic Tool allows remote attackers to cause a denial of service (NULL pointer dereference and Internet Explorer 6.0 crash) via a large negative integer argument to the GetEntryPointForThread method. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.

Affected configurations

NVD
Node
microsoftdebug_diagnostic_tool

Related

cvelist 1
nvd 1
seebug 1
prion 1
cvelist
cvelist
CVE-2008-4800
2008-10-30 22:00:00
nvd
nvd
CVE-2008-4800
2008-10-31 00:00:00
seebug
seebug
Microsoft DebugDiag CrashHangExt.dll ActiveX控件拒绝服务漏洞
2008-10-31 00:00:00
prion
prion
Null pointer dereference
2008-10-31 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.085 Low

EPSS

Percentile

94.5%

JSON
Related for CVE-2008-4800
cvelist1nvd1seebug1prion1