Microsoft Internet Explorer HTML Objects Memory Corruption

  Severity: CRITICAL
  CVE Identifier: CVE-2008-2254,MS08-045
  Advisory Date: JUL 21, 2015

  DESCRIPTION

Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "HTML Object Memory Corruption Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1002700
  Trend Micro Deep Security DPI Rule Name: 1002700 - Microsoft Internet Explorer HTML Objects Memory Corruption

  AFFECTED SOFTWARE AND VERSION

  • microsoft ie 5.01
  • microsoft ie 6
  • microsoft ie 7
  • microsoft internet_explorer 6