Vulnerability Description
An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used with WScript in Windows Script Host (WSH) on Windows Vista, allows remote attackers to cause a denial of service (access violation and application crash) via a zero value for the Startup property.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Money | 2006 |
| Microsoft | Windows Vista | - |
Related Weaknesses (CWE)
References
- http://jbrownsec.blogspot.com/2008/12/new-year-research-are-upon-us.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47756
- http://jbrownsec.blogspot.com/2008/12/new-year-research-are-upon-us.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47756
FAQ
What is CVE-2008-5823?
CVE-2008-5823 is a vulnerability with a CVSS score of 4.3 (MEDIUM). An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used with WScript in Windows Script Host (WSH) on Windows Vista, allows remote attackers to cause a denial of service (access violation...
How severe is CVE-2008-5823?
CVE-2008-5823 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5823?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Money, Microsoft Windows Vista.