ActiveX Control Vulnerability in Microsoft Money 2006
CVE-2008-5823

Currently unrated

Key Information:

Vendor
Microsoft
Status
Money
Vendor
CVE Published:
2 January 2009

Summary

An ActiveX control in the file prtstb06.dll used by Microsoft Money 2006 can be exploited by remote attackers. When utilized with Windows Script Host (WSH) on Windows Vista, it allows attackers to cause a denial of service by passing a zero value to the Startup property, resulting in an application crash and an access violation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47756
vdb-entryx_refsource_XF
http://jbrownsec.blogspot.com/2008/12/new-year-research-a...
x_refsource_MISC

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2008-5823 : ActiveX Control Vulnerability in Microsoft Money 2006 | SecurityVulnerability.io