Test ID:	1.3.6.1.4.1.25623.1.0.900187
Category:	General
Title:	Microsoft Internet Explorer Argument Injection Vulnerability
Summary:	This host has installed Internet Explorer and is prone to Argument; Injection vulnerability.
Description:	Summary: This host has installed Internet Explorer and is prone to Argument Injection vulnerability. Vulnerability Insight: The flaw is due to lack of sanitization check of user supplied input which causes remote command execution in the context of the application via - -renderer-path option in a chromehtml: URI. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary codes with the user privileges and cause argument injection in the context of the vulnerable application. Affected Software/OS: Microsoft, Internet Explorer version 8 beta 2 and prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5750 BugTraq ID: 32999 http://www.securityfocus.com/bid/32999 Bugtraq: 20081223 Google Chrome Browser (ChromeHTML://) remote parameter injection POC (Google Search) http://www.securityfocus.com/archive/1/499570/100/0/threaded https://www.exploit-db.com/exploits/7566 http://retrogod.altervista.org/9sg_chrome.html http://securityreason.com/securityalert/4821
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.