Executive Summary

Title Microsoft Internet Explorer property memory corruption vulnerability
Name VU#228569 First vendor Publication 2008-02-13
Vendor VU-CERT Last vendor Modification 2008-02-13
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


Vulnerability Note VU#228569

Microsoft Internet Explorer property memory corruption vulnerability


A vulnerability in the way Microsoft Internet Explorer handles malformed property objects may may lead to execution of arbitrary code.

I. Description

Microsoft Internet Explorer contatins a vulnerabilty that could be exploited when Internet Explorer attempts to interpret Web pages that contain malformed property objects. According to Microsoft Security Bulletin MS08-010:

    When Internet Explorer calls the property method it may corrupt memory in such a way that an attacker could execute arbitrary code.

Note that this issue affects Internet Explorer versions 6 and 7.

II. Impact

A remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user who is running the vulnerable application or cause a denial-of-service condition.

III. Solution


Microsoft has released an update to address this issue. See Microsoft Security Bulletin MS08-010 for more details.

Disable scripting

Disable scripting as specified in the Securing Your Web Browser document and the Malicious Web Scripts FAQ.

Do not follow unsolicited links

In order to convince users to visit their sites, attackers often use URL encoding, IP address variations, long URLs, intentional misspellings, and other techniques to create misleading links. Do not click on unsolicited links received in email, instant messages, web forums, or internet relay chat (IRC) channels. Type URLs directly into the browser to avoid these misleading links. While these are generally good security practices, following these behaviors will not prevent exploitation of this vulnerability in all cases, particularly if a trusted site has been compromised or allows cross-site scripting.

Systems Affected

VendorStatusDate Updated
Microsoft CorporationVulnerable13-Feb-2008




This vulnerability was reported in Microsoft Security Bulletin MS08-010. Microsoft credits an anonymous researcher working with TippingPoint and the Zero Day Initiative for reporting this issue.

This document was written by Chris Taschner.

Other Information

Date Public02/12/2008
Date First Published02/13/2008 03:09:47 PM
Date Last Updated02/13/2008
CERT Advisory 
CVE NameCVE-2008-0077
US-CERT Technical Alerts 
Document Revision11

Original Source

Url : http://www.kb.cert.org/vuls/id/228569

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5396
Oval ID: oval:org.mitre.oval:def:5396
Title: Property Memory Corruption Vulnerability
Description: Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2008-0077
Version: 11
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Product(s): Microsoft Internet Explorer
Definition Synopsis:

CPE : Common Platform Enumeration

Application 3

Open Source Vulnerability Database (OSVDB)

Id Description
41466 Microsoft IE animateMotion.by SVG Element by Property Memory Corruption

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Internet Explorer HTML+TIME animatemotion property memory corruptio...
RuleID : 16382 - Revision : 11 - Type : BROWSER-IE

Nessus® Vulnerability Scanner

Date Description
2008-02-12 Name : Arbitrary code can be executed on the remote host through the web client.
File : smb_nt_ms08-010.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
Date Informations
2013-05-11 00:56:56
  • Multiple Updates