Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:23F3D7D1ED2938528AA09382275048DC
HistoryDec 11, 2008 - 12:00 a.m.

Internet Explorer embed tag src extension buffer overflow

2008-12-1100:00:00
SAINT Corporation
my.saintcorporation.com
9

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.443 Medium

EPSS

Percentile

97.3%

JSON

Added: 12/11/2008
CVE: CVE-2008-4261
BID: 32595
OSVDB: 50610

Background

The HTML embed tag allows developers to embed plug-ins in web pages.

Problem

A vulnerability in Internet Explorer allows command execution when a user loads a page containing an embed tag with a src attribute containing a specially crafted filename extension.

Resolution

Apply the update referenced in Microsoft Security Bulletin 08-073.

References

<http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx&gt;

Limitations

Exploit works on Internet Explorer 5.01.

Platforms

Windows 2000

Related

cvelist 1
saint 3
checkpoint_advisories 1
securityvulns 3
prion 1
cve 1
openvas 2
nessus 1
cvelist
cvelist
CVE-2008-4261
2008-12-10 13:33:00
saint
saint
Internet Explorer embed tag src extension buffer overflow
2008-12-11 00:00:00
Internet Explorer embed tag src extension buffer overflow
2008-12-11 00:00:00
Internet Explorer embed tag src extension buffer overflow
2008-12-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer HTML Embed Tag Stack Buffer Overflow (MS08-073; CVE-2008-4261)
2008-12-09 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 12.09.08: Microsoft Internet Explorer 5.01 EMBED tag Long File Name Extension Stack Buffer Overflow Vulnerability &#40;iDefense Exclusive&#41;
2008-12-10 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2008-12-29 00:00:00
Microsoft Security Bulletin MS08-073 - Critical Cumulative Security Update for Internet Explorer &#40;958215&#41;
2008-12-10 00:00:00
prion
prion
Stack overflow
2008-12-10 14:00:00
cve
cve
CVE-2008-4261
2008-12-10 14:00:00
openvas
openvas
Cumulative Security Update for Internet Explorer (958215)
2008-12-10 00:00:00
Cumulative Security Update for Internet Explorer (958215)
2008-12-10 00:00:00
nessus
nessus
MS08-073: Microsoft Internet Explorer Multiple Vulnerabilities (958215)
2008-12-10 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.443 Medium

EPSS

Percentile

97.3%

JSON
Related for SAINT:23F3D7D1ED2938528AA09382275048DC
cvelist1saint3checkpoint_advisories1securityvulns3prion1cve1openvas2nessus1