Home

CVE-2008-1086

Description

The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption.

Risk Information

Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
58.752

Associated Vulnerability

VulnerabilityOS Platform
Security Update for ActiveX Killbits for Internet Explorer 5.01 for Windows 2000 (KB948881)Windows
Security Update for ActiveX Killbits for Internet Explorer 6 for Windows 2000 (KB948881)Windows
Security Update for ActiveX Killbits for Windows XP (KB948881)Windows
Security Update for ActiveX Killbits for Windows Server 2003 (KB948881)Windows
Security Update for ActiveX Killbits for Windows XP x64 Edition (KB948881)Windows
Security Update for ActiveX Killbits for Windows Server 2003 x64 Edition (KB948881)Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234