Lucene search
SAINT CorporationSAINT:6304359FDEA668DFF8E9D129B62C82BBHistoryDec 11, 2008 - 12:00 a.m.
Internet Explorer embed tag src extension buffer overflow
2008-12-1100:00:00
SAINT Corporation
www.saintcorporation.com
5
0.728 High
EPSS
Percentile
97.8%
Added: 12/11/2008
CVE: CVE-2008-4261
BID: 32595
OSVDB: 50610
Background
The HTML embed tag allows developers to embed plug-ins in web pages.
Problem
A vulnerability in Internet Explorer allows command execution when a user loads a page containing an embed tag with a src attribute containing a specially crafted filename extension.
Resolution
Apply the update referenced in Microsoft Security Bulletin 08-073.
References
<http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx>
Limitations
Exploit works on Internet Explorer 5.01.
Platforms
Windows 2000
Related
cvelist
cvelist
CVE-2008-4261
2008-12-10 13:33:00
checkpoint_advisories
checkpoint_advisories
saint
saint
Internet Explorer embed tag src extension buffer overflow
2008-12-11 00:00:00
Internet Explorer embed tag src extension buffer overflow
2008-12-11 00:00:00
Internet Explorer embed tag src extension buffer overflow
2008-12-11 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 12.09.08: Microsoft Internet Explorer 5.01 EMBED tag Long File Name Extension Stack Buffer Overflow Vulnerability (iDefense Exclusive)
2008-12-10 00:00:00
Microsoft Security Bulletin MS08-073 - Critical Cumulative Security Update for Internet Explorer (958215)
2008-12-10 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2008-12-29 00:00:00
prion
prion
Stack overflow
2008-12-10 14:00:00
cve
cve
CVE-2008-4261
2008-12-10 14:00:00
openvas
openvas
Cumulative Security Update for Internet Explorer (958215)
2008-12-10 00:00:00
Cumulative Security Update for Internet Explorer (958215)
2008-12-10 00:00:00
nessus
nessus
MS08-073: Microsoft Internet Explorer Multiple Vulnerabilities (958215)
2008-12-10 00:00:00