Executive Summary
| Summary | |
|---|---|
| Title | Cumulative Security Update for Internet Explorer (953838) |
| Informations | |||
|---|---|---|---|
| Name | MS08-045 | First vendor Publication | 2008-08-12 |
| Vendor | Microsoft | Last vendor Modification | 2008-08-20 |
| Severity (Vendor) | Critical | Revision | 1.1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Revision Note: V1.1 (August 20, 2008): Corrected a registry key verification entry for Windows XP and added a mitigating factor for CVE-2008-2256.Summary: This security update resolves five privately reported vulnerabilies and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/MS08-045.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 67 % | CWE-399 | Resource Management Errors |
| 33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:5266 | |||
| Oval ID: | oval:org.mitre.oval:def:5266 | ||
| Title: | HTML Objects Memory Corruption Vulnerability | ||
| Description: | Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption Vulnerability" or "XHTML Rendering Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2258. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-2257 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:5366 | |||
| Oval ID: | oval:org.mitre.oval:def:5366 | ||
| Title: | Uninitialized Memory Corruption Vulnerability | ||
| Description: | Microsoft Internet Explorer 5.01, 6, and 7 does not properly handle objects that have been incorrectly initialized or deleted, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "Uninitialized Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-2256 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:5602 | |||
| Oval ID: | oval:org.mitre.oval:def:5602 | ||
| Title: | HTML Objects Memory Corruption Vulnerability | ||
| Description: | Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, a different vulnerability than CVE-2008-2254, aka "HTML Object Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-2255 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:5820 | |||
| Oval ID: | oval:org.mitre.oval:def:5820 | ||
| Title: | HTML Object Memory Corruption Vulnerability | ||
| Description: | Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "HTML Object Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-2254 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:5913 | |||
| Oval ID: | oval:org.mitre.oval:def:5913 | ||
| Title: | HTML Component Handling Vulnerability | ||
| Description: | Microsoft Internet Explorer 6 and 7 does not perform proper "argument validation" during print preview, which allows remote attackers to execute arbitrary code via unknown vectors, aka "HTML Component Handling Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-2259 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6025 | |||
| Oval ID: | oval:org.mitre.oval:def:6025 | ||
| Title: | HTML Objects Memory Corruption Vulnerability | ||
| Description: | Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions ... performed on" document objects, aka "HTML Objects Memory Corruption Vulnerability" or "Table Layout Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2257. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-2258 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Internet Explorer |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 5 |
SAINT Exploits
| Description | Link |
|---|---|
| Internet Explorer print preview argument validation vulnerability | More info here |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-29 | Name : Cumulative Security Update for Internet Explorer (950759) File : nvt/gb_ms08-031.nasl |
| 2008-08-19 | Name : Cumulative Security Update for Internet Explorer (953838) File : nvt/secpod_ms08-045_900030.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 47419 | Microsoft IE HTML Object Unspecified Memory Corruption |
| 47418 | Microsoft IE HTML Object Unspecified Memory Corruption |
| 47417 | Microsoft IE Object Handling Uninitialized Memory Corruption |
| 47416 | Microsoft IE HTML Document Objects Handling Memory Corruption |
| 47415 | Microsoft IE HTML Document Object Handling Memory Corruption An unspecified memory corruption flaw exists in Internet Explorer. IE fails to validate Document Objects resulting in memory corruption. With a specially crafted web page, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
| 47414 | Microsoft IE Print Preview HTML Component Handling Unspecified Arbitrary Code... |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2017-09-28 | Microsoft Internet Explorer span frontier parsing memory corruption attempt RuleID : 44188 - Revision : 2 - Type : BROWSER-IE |
| 2016-03-14 | Microsoft Internet Explorer argument validation in print preview handling exp... RuleID : 36453 - Revision : 3 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer getElementById object corruption RuleID : 19079 - Revision : 9 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer static text range overflow attempt RuleID : 17720 - Revision : 14 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer ExecWB security zone bypass attempt RuleID : 17692 - Revision : 11 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer getElementById object corruption attempt RuleID : 15910 - Revision : 18 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer http status response memory corruption vulnerability RuleID : 13980 - Revision : 17 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer XHTML element memory corruption attempt RuleID : 13974 - Revision : 13 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer span frontier parsing memory corruption attempt RuleID : 13964 - Revision : 14 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer argument validation in print preview handling exp... RuleID : 13963 - Revision : 14 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer table layout access violation vulnerability RuleID : 13961 - Revision : 10 - Type : BROWSER-IE |
| 2014-01-10 | Microsoft Internet Explorer static text range overflow attempt RuleID : 13960 - Revision : 14 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2008-08-13 | Name : Arbitrary code can be executed on the remote host through the web client. File : smb_nt_ms08-045.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:46:01 |
|
| 2014-01-19 21:30:13 |
|
| 2013-05-11 00:49:21 |
|
