Lucene search
MicrosoftCVELIST:CVE-2008-4033HistoryNov 12, 2008 - 11:00 p.m.
CVE-2008-4033
2008-11-1223:00:00
microsoft
www.cve.org
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka βMSXML Header Request Vulnerability.β
References
marc.info/?l=bugtraq&m=122703006921213&w=2
securitytracker.com/id?1021164
www.securityfocus.com/bid/32204
www.us-cert.gov/cas/techalerts/TA08-316A.html
www.vupen.com/english/advisories/2008/3111
docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5847
Related
nvd
nvd
CVE-2008-4033
2008-11-12 23:30:02
CVE-2009-0419
2009-02-04 19:30:00
cve
cve
CVE-2008-4033
2008-11-12 23:30:02
CVE-2009-0419
2009-02-04 19:30:00
seebug
seebug
prion
prion
Cross site scripting
2008-11-12 23:30:00
Design/Logic Flaw
2009-02-04 19:30:00
checkpoint_advisories
checkpoint_advisories
Microsoft XML Core Services Chunked Request (MS08-069; CVE-2008-4033)
2008-11-11 00:00:00
cvelist
cvelist
CVE-2009-0419
2009-02-04 19:00:00
securityvulns
securityvulns
mskb
mskb
openvas
openvas
Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
2008-11-12 00:00:00
Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
2008-11-12 00:00:00
nessus
nessus