High severity8.8NVD Advisory· Published Feb 12, 2008· Updated Apr 23, 2026
CVE-2008-0077
CVE-2008-0077
Description
Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."
Affected products
3cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010nvdPatchVendor Advisory
- secunia.com/advisories/28903nvdBroken LinkVendor Advisory
- www.kb.cert.org/vuls/id/228569nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/archive/1/488048/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/27666nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA08-043C.htmlnvdBroken LinkThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2008/0512/referencesnvdBroken LinkVendor Advisory
- www.zerodayinitiative.com/advisories/ZDI-08-006.htmlnvdThird Party AdvisoryVDB Entry
- labs.idefense.com/intelligence/vulnerabilities/display.phpnvdBroken Link
- marc.infonvdMailing List
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5396nvdBroken Link
News mentions
0No linked articles in our index yet.