Vulnerability Details CVE-2008-4127
Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the CDwnTaskExec::ThreadExec function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.289
EPSS Ranking 96.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://securityreason.com/securityalert/4273
- http://www.securityfocus.com/archive/1/496483/100/0/threaded
- http://www.securityfocus.com/bid/31215
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45225
- http://securityreason.com/securityalert/4273
- http://www.securityfocus.com/archive/1/496483/100/0/threaded
- http://www.securityfocus.com/bid/31215
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45225
Products affected by CVE-2008-4127
-
cpe:2.3:a:microsoft:internet_explorer:7.0.5730
-
cpe:2.3:a:microsoft:internet_explorer:8.0.6001
-
cpe:2.3:o:microsoft:windows_xp:-