Summary
The host has Microsoft Internet Explorer installed, which is prone to denial of service vulnerability.
Impact
Successful exploitation will cause the application to stop responding and denying the service to legitimate users.
Impact Level : Application
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
For updates refer to http://windows.microsoft.com/en-us/internet-explorer/download-ie
Insight
Due to errors while handling PNG files, CDwnTaskExec::ThreadExec enters into an infinite loop while loading images which causes the browser to crash. This can be exploited by enticing victim to visit a malicious web page embedded with rouge PNG files.
Affected
Microsoft Internet Explorer 7.x and 8 Beta on Windows
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2008-4127 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- avast! AntiVirus Multiple BOF Vulnerabilities (Linux)
- ClamAV LZH File Unpacking Denial of Service Vulnerability (Win)
- Comodo Internet Security Denial of Service Vulnerability-05
- Eggdrop Server Module Message Handling Remote Buffer Overflow Vulnerability
- Apple Safari URI NULL Pointer Dereference DoS Vulnerability (Win)