cvelist/2008/3xxx/CVE-2008-3475.json

{
    "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2008-3475",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka \"Uninitialized Memory Corruption Vulnerability.\""
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "http://ifsec.blogspot.com/2008/10/internet-explorer-6-componentfrompoint.html",
                "refsource": "MISC",
                "url": "http://ifsec.blogspot.com/2008/10/internet-explorer-6-componentfrompoint.html"
            },
            {
                "name": "oval:org.mitre.oval:def:13151",
                "refsource": "OVAL",
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13151"
            },
            {
                "name": "ie-uninitialized-objects-code-execution(45563)",
                "refsource": "XF",
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45563"
            },
            {
                "name": "20081015 Internet Explorer 6 componentFromPoint() remote memory disclosure and remote code execution",
                "refsource": "BUGTRAQ",
                "url": "http://www.securityfocus.com/archive/1/497380/100/0/threaded"
            },
            {
                "name": "SSRT080143",
                "refsource": "HP",
                "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"
            },
            {
                "name": "MS08-058",
                "refsource": "MS",
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-058"
            },
            {
                "name": "ADV-2008-2809",
                "refsource": "VUPEN",
                "url": "http://www.vupen.com/english/advisories/2008/2809"
            },
            {
                "name": "1021047",
                "refsource": "SECTRACK",
                "url": "http://www.securitytracker.com/id?1021047"
            },
            {
                "name": "HPSBST02379",
                "refsource": "HP",
                "url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"
            },
            {
                "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-069/",
                "refsource": "MISC",
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-069/"
            },
            {
                "name": "TA08-288A",
                "refsource": "CERT",
                "url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"
            },
            {
                "name": "win-ms08kb956390-update(45565)",
                "refsource": "XF",
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45565"
            },
            {
                "name": "31617",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/31617"
            }
        ]
    }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-18 01:07:49 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "secure@microsoft.com",`
			`"ID": "CVE-2008-3475",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "n/a",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
"-Synchronized-Data." 2019-03-18 01:07:49 +00:00			`"lang": "eng",`
			`"value": "Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka \"Uninitialized Memory Corruption Vulnerability.\""`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
"-Synchronized-Data." 2019-03-18 01:07:49 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "http://ifsec.blogspot.com/2008/10/internet-explorer-6-componentfrompoint.html",`
			`"refsource": "MISC",`
			`"url": "http://ifsec.blogspot.com/2008/10/internet-explorer-6-componentfrompoint.html"`
			`},`
			`{`
			`"name": "oval:org.mitre.oval:def:13151",`
			`"refsource": "OVAL",`
			`"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13151"`
			`},`
			`{`
			`"name": "ie-uninitialized-objects-code-execution(45563)",`
			`"refsource": "XF",`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45563"`
			`},`
			`{`
			`"name": "20081015 Internet Explorer 6 componentFromPoint() remote memory disclosure and remote code execution",`
			`"refsource": "BUGTRAQ",`
			`"url": "http://www.securityfocus.com/archive/1/497380/100/0/threaded"`
			`},`
			`{`
			`"name": "SSRT080143",`
			`"refsource": "HP",`
			`"url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"`
			`},`
			`{`
			`"name": "MS08-058",`
			`"refsource": "MS",`
			`"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-058"`
			`},`
			`{`
			`"name": "ADV-2008-2809",`
			`"refsource": "VUPEN",`
			`"url": "http://www.vupen.com/english/advisories/2008/2809"`
			`},`
			`{`
			`"name": "1021047",`
			`"refsource": "SECTRACK",`
			`"url": "http://www.securitytracker.com/id?1021047"`
			`},`
			`{`
			`"name": "HPSBST02379",`
			`"refsource": "HP",`
			`"url": "http://marc.info/?l=bugtraq&m=122479227205998&w=2"`
			`},`
			`{`
			`"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-069/",`
			`"refsource": "MISC",`
			`"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-069/"`
			`},`
			`{`
			`"name": "TA08-288A",`
			`"refsource": "CERT",`
			`"url": "http://www.us-cert.gov/cas/techalerts/TA08-288A.html"`
			`},`
			`{`
			`"name": "win-ms08kb956390-update(45565)",`
			`"refsource": "XF",`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45565"`
			`},`
			`{`
			`"name": "31617",`
			`"refsource": "BID",`
			`"url": "http://www.securityfocus.com/bid/31617"`
			`}`
			`]`
			`}`
			`}`