| Last Updated Date | Feb 19, 2009 |
| Release Date | Dec 09, 2008 |
| Severity | High |
| Impact | System Compromise: Remote attackers can gain control of vulnerable systems. |
| Description | This indicates an attempt to exploit a buffer-overflow vulnerability in Microsoft Internet Explorer.
The vulnerability is located in some ActiveX controls through misuse of navigation methods. An attacker may exploit this to execute arbitrary code, or cause the program to crash. |
| Affected Products | Internet Explorer 5.01 Service Pack 4 when installed on Microsoft Windows 2000 Service Pack 4
Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4 |
| Recommended Actions | Apply patch, available from the website:
http://www.microsoft.com/technet/security/Bulletin/ms08-073.mspx |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-4258
|
| Microsoft Bulletin ID | MS08-073 http://www.microsoft.com/technet/security/Bulletin/ms08-073.mspx |