VYPR
Unrated severityNVD Advisory· Published Dec 10, 2008· Updated Jun 16, 2026

CVE-2008-4252

CVE-2008-4252

Description

The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "DataGrid Control Memory Corruption Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13
  • cpe:2.3:a:microsoft:office_frontpage:2002:sp3:*:*:*:*:*:*
  • Microsoft/Project3 versions
    cpe:2.3:a:microsoft:project:2003:sp3:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:project:2003:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:project:2007:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:project:2007:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_basic:6.0:*:runtime_extended_files:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:visual_basic:6.0:*:runtime_extended_files:*:*:*:*:*
    • (no CPE)
  • cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:visual_foxpro:9.0:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*
    • (no CPE)range: 8.0 SP1 and 9.0 SP1 and SP2
  • cpe:2.3:a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.