Lucene search
K

5 matches found

Prion
Prion
added 2009/02/04 7:30 p.m.21 views

Design/Logic Flaw

Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7, and other products, does not properly restrict access from web pages to Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via...

5CVSS6.3AI score0.27747EPSS
Exploits2References2
seebug.org
seebug.org
added 2008/11/13 12:0 a.m.46 views

Microsoft XML Core Services传输编码跨域信息泄露漏洞(MS08-069)

BUGTRAQ ID: 32204 CVECAN ID: CVE-2008-4033 Microsoft XML Core Services(MSXML)允许使用JScript、VBScript和Visual Studio 6.0的用户开发基于XML的应用,以与其他遵循XML 1.0标准的应用程序交互操作。 Microsoft XML Core Services处理传输编码头的方式中存在一个信息泄露漏洞。如果用户浏览包含特制内容的网站或打开特制HTML电子邮件,此漏洞可能允许读取另一个Internet Explorer域中的网页的数据。 Microsoft XML Core Servic...

4.3CVSS6.8AI score0.27747EPSS
Exploits1
CVE
CVE
added 2008/11/12 11:0 p.m.58 views

CVE-2008-4033

CVE-2008-4033 is a cross-domain information disclosure vulnerability in Microsoft XML Core Services (MSXML) versions 3.0 through 6.0, affecting multiple products that embed MSXML (including Expression Web, Office, and Internet Explorer). The issue involves improper handling of HTTP header fields ...

4.3CVSS5.9AI score0.27747EPSS
Exploits1References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/11/12 12:0 a.m.125 views

MS08-069: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

The remote host is running a version of Windows that contains a flaw in the Windows XML Core Services. An attacker may be able to execute arbitrary code on the remote host by constructing a malicious script and enticing a victim to visit a website or view a specially crafted email message. C...

9.3CVSS6.2AI score0.27747EPSS
Exploits8References4
Check Point Advisories
Check Point Advisories
added 2008/11/11 12:0 a.m.2 views

Microsoft XML Core Services Chunked Request (MS08-069; CVE-2008-4033)

MSXML is an application for processing Extensible Stylesheet Language Transformation in an XML file that allows programmers to create high-performance XML-based applications. An information disclosure vulnerability has been reported in Microsoft XML Core Services MSXML. The vulnerability is due t...

4.3CVSS5.3AI score0.27747EPSS
Exploits1
Rows per page
Query Builder