ID CVE-2008-5552 Type cve Reporter cve@mitre.org Modified 2018-10-11T20:56:00
Description
The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks via a CRLF sequence in conjunction with a crafted Content-Type header, as demonstrated by a header with a utf-7 charset value. NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to "address every conceivable XSS attack scenario."
{"id": "CVE-2008-5552", "bulletinFamily": "NVD", "title": "CVE-2008-5552", "description": "The XSS Filter in Microsoft Internet Explorer 8.0 Beta 2 allows remote attackers to bypass the XSS protection mechanism and conduct XSS attacks via a CRLF sequence in conjunction with a crafted Content-Type header, as demonstrated by a header with a utf-7 charset value. NOTE: the vendor has reportedly stated that the XSS Filter intentionally does not attempt to \"address every conceivable XSS attack scenario.\"", "published": "2008-12-12T18:30:00", "modified": "2018-10-11T20:56:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5552", "reporter": "cve@mitre.org", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/47441", "http://www.securityfocus.com/archive/1/499124/100/0/threaded", "https://exchange.xforce.ibmcloud.com/vulnerabilities/47277"], "cvelist": ["CVE-2008-5552"], "type": "cve", "lastseen": "2019-05-29T18:09:29", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "a1e5572256e1e8fe71e96419c804fb86"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "1083cc0f1bb16423b504d312a33a2b24"}, {"key": "cpe23", "hash": "39dcbc55e102c019cd695a651b906530"}, {"key": "cvelist", "hash": "9da445828aef3f04dbb3b4b819655749"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "cvss2", "hash": "25131d66a9f3961140b068f4b41aa42b"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "34e69e045b64924bccf865d56b6918a2"}, {"key": "description", "hash": "a6a099088c731e815ffcaac572a627f7"}, {"key": "href", "hash": "f89372d5fd38256c2de52b9b9a5df12b"}, {"key": "modified", "hash": "0e03f010d88a9b38d7971dd3e8348031"}, {"key": "published", "hash": "2b62b12be02d9623a77581e24df6d99e"}, {"key": "references", "hash": "284d79a401aec31c12eddfd6739762e6"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "6bf092079fa8c5b987aca933febb7ca6"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3283513d596cf7e320572bc09f6a2a5dffbc009535c544de132d07783f0eaa6f", "viewCount": 0, "enchantments": {"score": {"value": 4.6, "vector": "NONE", "modified": "2019-05-29T18:09:29"}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:1361412562310800208"]}], "modified": "2019-05-29T18:09:29"}, "vulnersScore": 4.6}, "objectVersion": "1.3", "cpe": ["cpe:/a:microsoft:internet_explorer:8"], "affectedSoftware": [{"name": "microsoft internet_explorer", "operator": "eq", "version": "8"}], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cpe23": ["cpe:2.3:a:microsoft:internet_explorer:8:beta2:*:*:*:*:*:*"], "cwe": ["CWE-79"]}
{"openvas": [{"lastseen": "2019-05-29T18:40:28", "bulletinFamily": "scanner", "description": "The host is installed with Internet Explorer and is prone to\n anti-xss filter vulnerabilities.", "modified": "2018-12-03T00:00:00", "published": "2008-12-19T00:00:00", "id": "OPENVAS:1361412562310800208", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800208", "title": "Microsoft Internet Explorer Anti-XSS Filter Vulnerabilities", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_iexplorer_anti_xss_vuln.nasl 684 2008-12-16 12:40:05Z dec$\n#\n# Microsoft Internet Explorer Anti-XSS Filter Vulnerabilities\n#\n# Authors:\n# Sujit Ghosal <sghosal@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800208\");\n script_version(\"$Revision: 12623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-03 14:11:38 +0100 (Mon, 03 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-19 13:40:09 +0100 (Fri, 19 Dec 2008)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_bugtraq_id(32780);\n script_cve_id(\"CVE-2008-5551\", \"CVE-2008-5552\", \"CVE-2008-5553\",\n \"CVE-2008-5554\", \"CVE-2008-5555\", \"CVE-2008-5556\");\n script_name(\"Microsoft Internet Explorer Anti-XSS Filter Vulnerabilities\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/499124\");\n script_xref(name:\"URL\", value:\"http://packetstormsecurity.org/0812-exploits/ie80-xss.txt\");\n script_xref(name:\"URL\", value:\"http://www.webappsec.org/lists/websecurity/archive/2008-12/msg00057.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"Windows\");\n script_dependencies(\"gb_ms_ie_detect.nasl\");\n script_mandatory_keys(\"MS/IE/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker execute arbitrary codes in the\n context of the application and can perform the XSS attacks on the remote hosts without any consent of IE.\");\n\n script_tag(name:\"affected\", value:\"Windows Platform with Internet Explorer 8.0 Beta 2.\");\n\n script_tag(name:\"insight\", value:\"These flaws are due to,\n\n - Injections facilitated by some HTTP headers are not currently blocked.\n\n - Injections into some contexts are not blocked where contents can be\n injected directly into JavaScript without breaking out a string.\n\n - Allowing access to the attacker to inject XSS string in 2 different HTML\n positions.\n\n - It lets the attacker execute XSS attacks using CRLF sequence in\n conjunction with a crafted Content-Type header.\");\n\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year since the disclosure of\n this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release,\n disable respective features, remove the product or replace the product by another one.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Internet Explorer and is prone to\n anti-xss filter vulnerabilities.\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nif( !ieVer = get_kb_item(\"MS/IE/Version\") ) exit( 0 );\n\nif(version_in_range(version:ieVer, test_version:\"8.0\",\n test_version2:\"8.0.6001.18241\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}