Lucene search

[email protected]CVE-2008-5750

HistoryDec 29, 2008 - 3:24 p.m.

CVE-2008-5750

2008-12-2915:24:23

CWE-94

[email protected]

web.nvd.nist.gov

cve

2008

5750

microsoft

internet explorer

vulnerability

sp3

remote

execution

command

chromehtml uri

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Argument injection vulnerability in Microsoft Internet Explorer 8 beta 2 on Windows XP SP3 allows remote attackers to execute arbitrary commands via the --renderer-path option in a chromehtml: URI.

Affected configurations

NVD

Node

microsoftinternet_explorerMatch8beta2

AND

microsoftwindows_xpsp3

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq8

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	8

References

retrogod.altervista.org/9sg_chrome.html

securityreason.com/securityalert/4821

www.securityfocus.com/archive/1/499570/100/0/threaded

www.securityfocus.com/bid/32999

www.exploit-db.com/exploits/7566

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2008-5750

cvelist1 openvas2 prion1 nvd1