CVE-2008-4800

Name of the Vulnerable Software and Affected Versions Microsoft Debug Diagnostic Tool version 1.0

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and crash of Internet Explorer 6.0, via a large negative integer argument to the GetEntryPointForThread method in the DebugDiag ActiveX control. This issue might only be exploitable in limited environments or non-default browser settings.

Recommendations For Microsoft Debug Diagnostic Tool version 1.0, consider disabling the GetEntryPointForThread method as a temporary workaround to minimize the risk of exploitation.