Memory Corruption Vulnerability in Microsoft Internet Explorer ActiveX Control
CVE-2008-0078

Currently unrated

Key Information:

Vendor: Microsoft
Status: Ie; Internet Explorer; Activex
Vendor: CVE Published:; 12 February 2008

Summary

An unspecified memory corruption vulnerability exists in the ActiveX control (dxtmsft.dll) of Microsoft Internet Explorer. This flaw enables remote attackers to exploit crafted image files to execute arbitrary code, posing a significant risk to users and organizations relying on affected versions of the browser. Immediate action should be taken to mitigate this threat.

References

http://www.securityfocus.com/bid/27689

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1019381

vdb-entryx_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=120361015026386&w=2

vendor-advisoryx_refsource_HP

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 12, 2008
Vulnerability Reserved
Jan 3, 2008