admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2008/CVE-2008-40xx/CVE-2008-4033.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

368 lines
13 KiB
JSON
Raw Blame History

{
"id": "CVE-2008-4033",
"sourceIdentifier": "secure@microsoft.com",
"published": "2008-11-12T23:30:02.727",
"lastModified": "2018-10-12T21:48:32.233",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka \"MSXML Header Request Vulnerability.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de dominios cruzados en Microsoft XML Core Services v3.0 hasta v6.0, como el que se utiliza en Microsoft Expression Web, Office, Internet Explorer y otros productos; permite a atacantes remotos obtener informaci\u00f3n sensible de otro dominio y corromper el estado de la sesi\u00f3n a trav\u00e9s de solicitudes de campos de cabecera HTTP, como se ha demostrado con el campo Transfer-Encoding. Tambi\u00e9n se conoce como \"Vulnerabilidad de la solicitud de la cabecera MSXML\"."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:xml_core_services:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9B9BE3-6F83-469E-834F-3E00CFECD8E2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7519928D-0FF2-4584-8058-4C7764CD5671"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0C28897B-044A-447B-AD76-6397F8190177"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2ACA9287-B475-4AF7-A4DA-A7143CEF9E57"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73052210-0B42-46AA-9F28-AAE3E9B6DE87"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:xml_core_services:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4170FCB7-274C-4318-B7A1-8F18DE604A2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "ABBA5D64-4184-4420-B7D0-A4E41359AA5A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:xml_core_services:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B91A0AA-44C0-4ED8-A7AC-54C9C83FFEFE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:expression_web:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2876FC23-21A0-4F56-B0D9-11187173F7D7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:expression_web:2:*:*:*:*:*:*:*",
"matchCriteriaId": "F6761A1C-EC1C-4B00-8126-D58DAB51267A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:groove:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "355F60DB-EC9A-4054-8023-BD16D5723C9F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*",
"matchCriteriaId": "69E6B9EB-D3F7-4C57-BF2F-61664E5C2C7D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53DC2480-5B8D-4E96-BD54-17561B1FFE7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C0BBD1BF-B54F-41C7-AB52-0B93E647C98D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:office_word_viewer:2003:sp3:*:*:*:*:*:*",
"matchCriteriaId": "B4B148CC-6C58-411B-8503-01F3BE1D5906"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "864B622E-B522-4791-AC82-0711130544BA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2007:sp1:*:*:*:*:*:*",
"matchCriteriaId": "CF3C2971-447B-4054-86C6-3169B82E525B"
}
]
}
]
}
],
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=122703006921213&w=2",
"source": "secure@microsoft.com"
},
{
"url": "http://securitytracker.com/id?1021164",
"source": "secure@microsoft.com"
},
{
"url": "http://www.securityfocus.com/bid/32204",
"source": "secure@microsoft.com",
"tags": [
"Patch"
]
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA08-316A.html",
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/3111",
"source": "secure@microsoft.com"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069",
"source": "secure@microsoft.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5847",
"source": "secure@microsoft.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink