CVE-2008-4253
high
Microsoft CVSS v3 Base Score
8.5
AV:N/AC:M/Au:S/C:C/I:C/A:C
EPSS Score
57.5%
Exploitation probability in 30 days
Top 2% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: December 10, 2008 (6364 days ago)
Last Modified: April 23, 2026
Vendor: Microsoft
Source: NVD
Vulnerability Report
Generated by CyberWatcher
Description
The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability."
CWE
CWE-399Affected Products
microsoft office frontpagemicrosoft projectmicrosoft visual basicmicrosoft visual foxpromicrosoft visual studio .net