CVE-2008-4844
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-4844
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2) XML DSOs, or (3) Tabular Data Control (TDC) in a crafted HTML or XML document, as demonstrated by nested SPAN or MARQUEE elements, and exploited in the wild in December 2008.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft IE对象处理内存破坏漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Internet Explorer是微软公司开发的广为流行的网络浏览器。 IE在处理畸形格式的网页标记时存在内存对象处理错误,远程攻击者可能利用此漏洞通过精心构造恶意标记数据导致IE处理时执行攻击者指定的任意指令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-4844
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-4844
Please Login to view more intelligence information
- http://code.google.com/p/inception-h2hc/x_refsource_MISC
- http://www.scanw.com/blog/archives/303x_refsource_MISC
- http://isc.sans.org/diary.html?storyid=5458x_refsource_MISC
- http://www.microsoft.com/technet/security/advisory/961051.mspxx_refsource_CONFIRM
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-078vendor-advisoryx_refsource_MS
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6007vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2008-4844
Same Patch Batch · n/a · 2008-12-11 · 18 CVEs total
| CVE-2008-5426 | Kaspersky Internet Security Suite电子邮件信息拒绝服务漏洞 | |
| CVE-2008-5435 | PunBB 'moderate.php' 跨站脚本攻击漏洞 | |
| CVE-2008-5434 | PunBB 多个远程验证管理员SQL注入漏洞 | |
| CVE-2008-5433 | PunBB login.php 跨站脚本攻击漏洞 | |
| CVE-2008-5432 | Moodle 跨站脚本漏洞 | |
| CVE-2008-5431 | Teamtek Universal FTP Server拒绝服务漏洞 | |
| CVE-2008-5429 | incredimail长e-mail消息拒绝服务漏洞 | |
| CVE-2008-5428 | Opera 大的电子邮件信息拒绝服务漏洞 | |
| CVE-2008-5427 | Norton Antivirus in Norton Internet Security电子邮件信息拒绝服务漏洞 | |
| CVE-2006-7235 | Teamtek Universal FTP Server多个拒绝服务漏洞 | |
| CVE-2008-5425 | ESet NOD32 电子邮件信息拒绝服务漏洞 | |
| CVE-2008-5424 | Microsoft Outlook Express 电子邮件信息拒绝服务漏洞 | |
| CVE-2008-5423 | Sun Ray Server and Sun Ray Windows Connector 密码信息泄露漏洞 | |
| CVE-2008-5422 | Sun Ray Server Administration Password 密码信息泄露漏洞 | |
| CVE-2008-5421 | NetWin SmsGate SSL web管理服务拒绝服务漏洞 | |
| CVE-2008-5415 | Computer Associates ARCserve Backup 安全漏洞 | |
| CVE-2008-4418 | HP-UX DCE远程拒绝服务漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2008-4844
No comments yet