Vulnerability Details CVE-2008-4300
A certain ActiveX control in adsiis.dll in Microsoft Internet Information Services (IIS) allows remote attackers to cause a denial of service (browser crash) via a long string in the second argument to the GetObject method. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.144
EPSS Ranking 94.1%
CVSS Severity
CVSS v2 Score 5.0
Products affected by CVE-2008-4300
-
cpe:2.3:a:microsoft:internet_information_services:-