This host is missing a critical security update according to Microsoft Bulletin MS08-073.
Successful exploitation could result in stack based buffer overflow by sending overly long specially crafted file via web page to corrupt heap memory. Impact Level: System/Application
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://technet.microsoft.com/en-us/security/bulletin/MS08-073
The flaws are due to - error when handling parameters passed to unspecified navigation methods. - error when fetching a file with an overly long path from a WebDAV share. - unspecified use-after-free error. - a boundary error when processing an overly long filename extension specified inside an EMBED tag.
Internet Explorer 7 on MS Windows Vista Internet Explorer 6 on MS Windows 2003 and XP Internet Explorer 7 on MS Windows 2003 and XP Internet Explorer 7 on MS Windows 2008 Server Internet Explorer 5.01 and 6 on MS Windows 2000
Updated on 2015-03-25
CVE CVE-2008-4258, CVE-2008-4259, CVE-2008-4260, CVE-2008-4261
CVSS Base Score: 9.3
- Cumulative Security Update for Internet Explorer (928090)
- Cumulative Security Update for Internet Explorer (961260)
- Cumulative Security Update for Internet Explorer (950759)
- Microsoft Forefront Protection For Exchange RCE Vulnerability (2927022)
- Microsoft Active Directory Denial of Service Vulnerability (953235)