virus logo Intrusion Prevention

MS.Windows.hxvz.dll.ActiveX.Control.Memory.Corruption

description-logoDescription

In April 08, 2008, Microsoft released a Security Bulletin MS08-023 regarding one privately reported vulnerability for a Microsoft product. This update also includes a kill bit for the Yahoo! Music Jukebox product. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
An anonymous researcher working with the iDefense VCP for reporting the ActiveX Object Memory Corruption Vulnerability - CVE-2008-1086. A remote code execution vulnerability exists in the ActiveX control hxvz.dll. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user
The security update is rated Critical for Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4; Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4; Windows XP Service Pack 2; and Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2.
The security update is rated Important for Windows Vista and Windows Vista Service Pack 1; and Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1.
The security update is rated Moderate for all supported editions of Windows Server 2003.

affected-products-logoAffected Products

Microsoft Internet Explorer 5.01 SP4 and Internet Explorer 6 SP1 in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008.

Impact logoImpact

The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

recomended-action-logoRecommended Actions

As detailed in Microsoft Security Bulletin MS08-023, Microsoft recommends that customers apply the update immediately.
For FortiGate users, turning on these IPS signatures can prevent exploitation of this vulnerability:
MS.hxvz.dll.ActiveX.Control.Memory.Corruption
MS.hxvz.dll.Unknown.Parameter.ActiveX.Control.Memory.Corruption

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-10-12 16.941 Name:MS.
hxvz.
dll.
ActiveX.
Control.
Memory.
Corruption:MS.
Windows.
hxvz.
dll.
ActiveX.
Control.
Memory.
Corruption
ID 15538
Created Apr 09, 2008
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2008-1086
Exploit Prediction Score 83.81%
Default Action drop
Active
Affected OS Windows
Affected App IE