Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2008-4033
HistoryNov 12, 2008 - 11:30 p.m.

CVE-2008-4033

2008-11-1223:30:02
CWE-200
[email protected]
web.nvd.nist.gov
1

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.946 High

EPSS

Percentile

99.3%

JSON

Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka β€œMSXML Header Request Vulnerability.”

Affected configurations

NVD
Node
microsoftxml_core_servicesMatch4.0
AND
microsoftwindows_2000sp4
OR
microsoftwindows_2003_serversp1
OR
microsoftwindows_2003_serversp2
OR
microsoftwindows_7
OR
microsoftwindows_7sp1
OR
microsoftwindows_server_2008sp2
OR
microsoftwindows_server_2008Match-
OR
microsoftwindows_server_2008Matchr2
OR
microsoftwindows_server_2008Matchr2sp1
OR
microsoftwindows_vistasp1
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp2
OR
microsoftwindows_xpsp3
Node
microsoftxml_core_servicesMatch3.0
AND
microsoftwindows_2000sp4
OR
microsoftwindows_2003_serversp1
OR
microsoftwindows_2003_serversp2
OR
microsoftwindows_server_2008Match-
OR
microsoftwindows_vistasp1
OR
microsoftwindows_xpsp2
OR
microsoftwindows_xpsp3
Node
microsoftxml_core_servicesMatch6.0
AND
microsoftwindows_2000sp4
OR
microsoftwindows_2003_serversp1
OR
microsoftwindows_2003_serversp2
OR
microsoftwindows_server_2008Match-
OR
microsoftwindows_vistasp1
OR
microsoftwindows_xpsp2x64
OR
microsoftwindows_xpsp3
Node
microsoftxml_core_servicesMatch5.0
AND
microsoftexpression_web
OR
microsoftexpression_webMatch2
OR
microsoftgrooveMatch2007
OR
microsoftofficeMatch2003sp3
OR
microsoftofficeMatch2007sp1
OR
microsoftoffice_compatibility_pack
OR
microsoftoffice_compatibility_packsp1
OR
microsoftoffice_word_viewerMatch2003sp3
OR
microsoftsharepoint_serverMatch2007
OR
microsoftsharepoint_serverMatch2007sp1

Related

seebug 1
prion 2
cvelist 2
checkpoint_advisories 1
cve 2
nvd 1
securityvulns 2
mskb 1
openvas 2
nessus 1
seebug
seebug
Microsoft XML Core ServicesδΌ θΎ“ηΌ–η θ·¨εŸŸδΏ‘ζ―ζ³„ιœ²ζΌζ΄žοΌˆMS08-069οΌ‰
2008-11-13 00:00:00
prion
prion
Cross site scripting
2008-11-12 23:30:00
Design/Logic Flaw
2009-02-04 19:30:00
cvelist
cvelist
CVE-2008-4033
2008-11-12 23:00:00
CVE-2009-0419
2009-02-04 19:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft XML Core Services Chunked Request (MS08-069; CVE-2008-4033)
2008-11-11 00:00:00
cve
cve
CVE-2008-4033
2008-11-12 23:30:02
CVE-2009-0419
2009-02-04 19:30:00
nvd
nvd
CVE-2009-0419
2009-02-04 19:30:00
securityvulns
securityvulns
Microsoft Security Bulletin MS08-069 – Critical Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
2008-11-12 00:00:00
Microsoft XML multiple security vulnerabilities
2008-11-12 00:00:00
mskb
mskb
MS08-069: Vulnerabilities in Microsoft XML Core Services could allow remote code execution
2018-04-17 20:28:02
openvas
openvas
Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
2008-11-12 00:00:00
Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
2008-11-12 00:00:00
nessus
nessus
MS08-069: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)
2008-11-12 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.946 High

EPSS

Percentile

99.3%

JSON
Related for NVD:CVE-2008-4033
seebug1prion2cvelist2checkpoint_advisories1cve2nvd1securityvulns2mskb1openvas2nessus1