Memory Corruption Vulnerability in Microsoft Internet Explorer ActiveX Control
CVE-2008-0078

Currently unrated

Key Information:

Vendor: Microsoft
Status: Ie; Internet Explorer; Activex
Vendor: CVE Published:; 12 February 2008

What is CVE-2008-0078?

An unspecified memory corruption vulnerability exists in the ActiveX control (dxtmsft.dll) of Microsoft Internet Explorer. This flaw enables remote attackers to exploit crafted image files to execute arbitrary code, posing a significant risk to users and organizations relying on affected versions of the browser. Immediate action should be taken to mitigate this threat.

References

http://www.securityfocus.com/bid/27689

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1019381

vdb-entryx_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=120361015026386&w=2

vendor-advisoryx_refsource_HP

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 12, 2008
Vulnerability Reserved
Jan 3, 2008