CVE-2008-0077

Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
microsoftCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Common Weakness Enumeration
References
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=661
http://marc.info/?l=bugtraq&m=120361015026386&w=2
http://marc.info/?l=bugtraq&m=120361015026386&w=2
http://secunia.com/advisories/28903
http://www.kb.cert.org/vuls/id/228569
http://www.securityfocus.com/archive/1/488048/100/0/threaded
http://www.securityfocus.com/bid/27666
http://www.securitytracker.com/id?1019380
http://www.us-cert.gov/cas/techalerts/TA08-043C.html
http://www.vupen.com/english/advisories/2008/0512/references
http://www.zerodayinitiative.com/advisories/ZDI-08-006.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5396
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=661
http://marc.info/?l=bugtraq&m=120361015026386&w=2
http://marc.info/?l=bugtraq&m=120361015026386&w=2
http://secunia.com/advisories/28903
http://www.kb.cert.org/vuls/id/228569
http://www.securityfocus.com/archive/1/488048/100/0/threaded
http://www.securityfocus.com/bid/27666
http://www.securitytracker.com/id?1019380
http://www.us-cert.gov/cas/techalerts/TA08-043C.html
http://www.vupen.com/english/advisories/2008/0512/references
http://www.zerodayinitiative.com/advisories/ZDI-08-006.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5396