CVE-2008-4300

CVE Database · CVE-2008-4300

CVE-2008-4300

· N/AModified

CVSS v3.1

N/A

EPSS

13.55%

Published

Sep 29, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A certain ActiveX control in adsiis.dll in Microsoft Internet Information Services (IIS) allows remote attackers to cause a denial of service (browser crash) via a long string in the second argument to the GetObject method. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.

Affected Products (1)

microsoft · internet_information_servicesvulnerable

References (6)

http://securityreason.com/securityalert/4325

ExploitThird Party Advisory

http://www.securityfocus.com/archive/1/496696/100/0/threaded

ExploitThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/45584

Third Party AdvisoryVDB Entry

http://securityreason.com/securityalert/4325

ExploitThird Party Advisory

http://www.securityfocus.com/archive/1/496696/100/0/threaded

ExploitThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs