VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 8, 2008· Updated Apr 23, 2026

CVE-2008-1086

CVE-2008-1086

Description

The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption.

Affected products

15
  • Microsoft/Internet Explorer2 versions
    cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
  • Microsoft/Windows Server 20036 versions
    cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp1:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*
  • Microsoft/Windows Nt3 versions
    cpe:2.3:o:microsoft:windows-nt:2008:*:itanium:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows-nt:2008:*:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows-nt:2008:*:x32:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows-nt:2008:*:x64:*:*:*:*:*
  • Microsoft/Windows Vista
    cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*
  • Microsoft/Windows Xp3 versions
    cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

10

News mentions

0

No linked articles in our index yet.