VYPR
High severity8.8NVD Advisory· Published Oct 15, 2008· Updated Jun 16, 2026

CVE-2008-3475

CVE-2008-3475

Description

Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:-:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*
    • (no CPE)range: 6

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.