CVE-2008-4127

Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the CDwnTaskExec::ThreadExec function.

Publication date: Thu, 18 Sep 2008 22:59:00 +0000


Cyber News related to CVE-2008-4127

CVE-2008-4127 - Mshtml.dll in Microsoft Internet Explorer 7 Gold 7.0.5730 and 8 Beta 8.0.6001 on Windows XP SP2 allows remote attackers to cause a denial of service (failure of subsequent image rendering) via a crafted PNG file, related to an infinite loop in the ...
3 years ago
CVE-2005-4127 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4092. Reason: This candidate is a duplicate of CVE-2005-4092. This candidate was originally published to handle a pre-patch vague announcement, but multiple simultaneous ...
54 years ago Tenable.com
CVE-2005-4092 - Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource ...
6 years ago
CVE-2007-4127 - ** DISPUTED ** PHP remote file inclusion vulnerability in check_entry.php in Ralf Image Gallery (RIG), aka Raphael Moll RIG Image Gallery, 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the dir_abs_src parameter. NOTE: this ...
6 years ago
CVE-2016-4127 - Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs ...
1 year ago
CVE-2009-4127 - Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9.2 for Firefox allows user-assisted remote attackers to execute arbitrary JavaScript with Chrome privileges via vectors involving unspecified Toolbar buttons and the eval function. ...
14 years ago
CVE-2015-4127 - Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrated by a request to ...
7 years ago
CVE-2014-4127 - Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." ...
6 years ago
CVE-2006-4127 - Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the (1) privmsg() or (2) pubmsg functions from ...
6 years ago
CVE-2018-4127 - An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves ...
5 years ago
CVE-2020-4127 - HCL Domino is susceptible to a Login CSRF vulnerability. With a valid credential, an attacker could trick a user into accessing a system under another ID or use an intranet user's system to access internal systems from the internet. Fixes are ...
3 years ago
CVE-2022-4127 - A NULL pointer dereference issue was discovered in the Linux kernel in io_files_update_with_index_alloc. A local user could use this flaw to potentially crash the system causing a denial of service. ...
1 year ago
CVE-2021-4127 - An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird < 78.9 and Firefox ESR < 78.9. ...
1 year ago
CVE-2011-4127 - The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume. ...
1 year ago
CVE-2013-4127 - Use-after-free vulnerability in the vhost_net_set_backend function in drivers/vhost/net.c in the Linux kernel through 3.10.3 allows local users to cause a denial of service (OOPS and system crash) via vectors involving powering on a virtual machine. ...
1 year ago
CVE-2023-4127 - Race Condition within a Thread in GitHub repository answerdev/answer prior to v1.1.1. ...
1 year ago
CVE-2010-4127 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none ...
54 years ago Tenable.com
CVE-2012-4127 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none ...
54 years ago Tenable.com
CVE-2017-4127 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com
CVE-2024-4127 - A vulnerability was found in Tenda W15E 15.11.0.14. It has been classified as critical. Affected is the function guestWifiRuleRefresh. The manipulation of the argument qosGuestDownstream leads to stack-based buffer overflow. It is possible to launch ...
6 months ago Tenable.com
CVE-2008-1378 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2360, CVE-2008-2361, CVE-2008-2362. Reason: This candidate has been withdrawn by its CNA. It was SPLIT into separate candidates before publication. Notes: All CVE users should ...
54 years ago Tenable.com
CVE-2008-2617 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago
CVE-2008-2615 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago
CVE-2008-2621 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago
CVE-2008-2622 - Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)