Lucene search
PRIOn knowledge basePRION:CVE-2008-4033HistoryNov 12, 2008 - 11:30 p.m.
Cross site scripting
2008-11-1223:30:00
PRIOn knowledge base
www.prio-n.com
4
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka βMSXML Header Request Vulnerability.β
| CPE | Name | Operator | Version |
|---|---|---|---|
| xml_core_services | eq | 4.0 | |
| xml_core_services | eq | 3.0 | |
| xml_core_services | eq | 6.0 | |
| xml_core_services | eq | 5.0 |
References
securitytracker.com/id?1021164
www.securityfocus.com/bid/32204
www.us-cert.gov/cas/techalerts/TA08-316A.html
www.vupen.com/english/advisories/2008/3111
docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069
marc.info/?l=bugtraq&m=122703006921213&w=2
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5847
Related
seebug
seebug
checkpoint_advisories
checkpoint_advisories
Microsoft XML Core Services Chunked Request (MS08-069; CVE-2008-4033)
2008-11-11 00:00:00
cvelist
cvelist
CVE-2008-4033
2008-11-12 23:00:00
CVE-2009-0419
2009-02-04 19:00:00
cve
cve
CVE-2008-4033
2008-11-12 23:30:02
CVE-2009-0419
2009-02-04 19:30:00
nvd
nvd
CVE-2008-4033
2008-11-12 23:30:02
CVE-2009-0419
2009-02-04 19:30:00
prion
prion
Design/Logic Flaw
2009-02-04 19:30:00
securityvulns
securityvulns
mskb
mskb
nessus
nessus
openvas
openvas
Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
2008-11-12 00:00:00
Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
2008-11-12 00:00:00