|
|
CVE Reference: CVE-2008-4033 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-4033 |
|
|
Description: Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: ST 1021164 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5847 MS http://www.microsoft.com/technet/security/Bulletin/MS08-069.mspx CERT http://www.us-cert.gov/cas/techalerts/TA08-316A.html BID 32204 |
|
| Return to the previous page. |
