Lucene search

K

MicrosoftCVELIST:CVE-2008-4033

HistoryNov 12, 2008 - 11:00 p.m.

CVE-2008-4033

2008-11-1223:00:00

microsoft

www.cve.org

5

AI Score

6

Confidence

Low

EPSS

0.945

Percentile

99.3%

Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka “MSXML Header Request Vulnerability.”

References

marc.info/?l=bugtraq&m=122703006921213&w=2

securitytracker.com/id?1021164

www.securityfocus.com/bid/32204

www.us-cert.gov/cas/techalerts/TA08-316A.html

www.vupen.com/english/advisories/2008/3111

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5847

AI Score

6

Confidence

Low

EPSS

0.945

Percentile

99.3%

Related for CVELIST:CVE-2008-4033

seebug1 prion2 cve2 nvd2 checkpoint_advisories1 exploitdb1 cvelist1 securityvulns2 openvas2 mskb1 nessus1