VYPR
Unrated severityNVD Advisory· Published Apr 8, 2008· Updated Jun 16, 2026

CVE-2008-1086

CVE-2008-1086

Description

The HxTocCtrl ActiveX control (hxvz.dll), as used in Microsoft Internet Explorer 5.01 SP4 and 6 SP1, in Windows XP SP2, Server 2003 SP1 and SP2, Vista SP1, and Server 2008, allows remote attackers to execute arbitrary code via malformed arguments, which triggers memory corruption.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
    • (no CPE)range: 5.01 SP4, 6 SP1
  • cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp1:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows-nt:2008:*:itanium:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows-nt:2008:*:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows-nt:2008:*:x32:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows-nt:2008:*:x64:*:*:*:*:*
  • Microsoft/Windows2 versions
    cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*
    • (no CPE)range: XP SP2, Server 2003 SP1 and SP2, Vista SP1, Server 2008
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.