CVSS: 4.3EPSS: 77%CPEs: 17EXPL: 1CVE-2008-4029 – Microsoft XML Core Services DTD - Cross-Domain Scripting (MS08-069)
https://notcve.org/view.php?id=CVE-2008-4029
Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer, allows remote attackers to obtain sensitive information from another domain via a crafted XML document, related to improper error checks for external DTDs, aka "MSXML DTD Cross-Domain Scripting Vulnerability." Vulnerabilidad de dominios cruzados en Microsoft XML Core Services v3.0 y v4.0, como lo utilizado en Internet Explorer, permite a atacantes remotos obtener información sensible de otro dominio a través de documentos XML manipulados, relacionados con el inadecuado control de error para las DTD externas, también conocido como "Vulnerabilidad MSXML DTD Cross-Domain Scripting". • https://www.exploit-db.com/exploits/7196 http://marc.info/?l=bugtraq&m=122703006921213&w=2 http://securitytracker.com/id?1021164 http://www.securityfocus.com/bid/32155 http://www.us-cert.gov/cas/techalerts/TA08-316A.html http://www.vupen.com/english/advisories/2008/3111 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5999 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 94%CPEs: 41EXPL: 1CVE-2008-4033 – Microsoft XML Core Services DTD - Cross-Domain Scripting (MS08-069)
https://notcve.org/view.php?id=CVE-2008-4033
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability." Vulnerabilidad de dominios cruzados en Microsoft XML Core Services v3.0 hasta v6.0, como el que se utiliza en Microsoft Expression Web, Office, Internet Explorer y otros productos; permite a atacantes remotos obtener información sensible de otro dominio y corromper el estado de la sesión a través de solicitudes de campos de cabecera HTTP, como se ha demostrado con el campo Transfer-Encoding. También se conoce como "Vulnerabilidad de la solicitud de la cabecera MSXML". • https://www.exploit-db.com/exploits/7196 http://marc.info/?l=bugtraq&m=122703006921213&w=2 http://securitytracker.com/id?1021164 http://www.securityfocus.com/bid/32204 http://www.us-cert.gov/cas/techalerts/TA08-316A.html http://www.vupen.com/english/advisories/2008/3111 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5847 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 97%CPEs: 18EXPL: 7CVE-2008-4250 – Microsoft Windows Server - Code Execution (PoC) (MS08-067)
https://notcve.org/view.php?id=CVE-2008-4250
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability." El servicio servidor en Microsoft Windows versiones 2000 SP4, XP SP2 y SP3, Server 2003 SP1 y SP2, vista Gold y SP1, Server 2008 y 7 Pre-Beta, permite a los atacantes remotos ejecutar código arbitrario por medio de una petición RPC creada que desencadena el desbordamiento durante una Canonicalización de Path, como explotación en la naturaleza por Gimmiv.A en octubre de 2008, también se conoce como "Server Service Vulnerability" • https://www.exploit-db.com/exploits/6824 https://www.exploit-db.com/exploits/40279 https://www.exploit-db.com/exploits/7104 https://www.exploit-db.com/exploits/16362 https://www.exploit-db.com/exploits/6841 https://www.exploit-db.com/exploits/7132 http://blogs.securiteam.com/index.php/archives/1150 http://marc.info/?l=bugtraq&m=122703006921213&w=2 http://secunia.com/advisories/32326 http://www.kb.cert.org/vuls/id/827267 http://www.securityfocus.com/archive • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.1EPSS: 2%CPEs: 2049EXPL: 0CVE-2008-4609
https://notcve.org/view.php?id=CVE-2008-4609
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, permite a atacantes remotos provocar una denegación de servicio (agotamiento de cola de conexión) a través de múltiples vectores que manipulan información en la tabla de estados del TCP, como lo demuestra sockstress. • http://blog.robertlee.name/2008/10/conjecture-speculation.html http://insecure.org/stf/tcp-dos-attack-explained.html http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html http://marc.info/?l=bugtraq&m=125856010926699&w=2 http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html http://www.cpni • CWE-16: Configuration •
CVSS: 10.0EPSS: 74%CPEs: 17EXPL: 0CVE-2008-4038
https://notcve.org/view.php?id=CVE-2008-4038
Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability." Desbordamiento inferior de búfer en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, y Server 2008 permite a atacantes remotos ejecutar código de su elección mediante una petición Server Message Block (SMB)que contenga un nombre de archivo con una longitud manipulada, también conocido como "SMB Buffer Underflow Vulnerability" (vulnerabilidad de desbordamiento inferior de búfer SMB). • http://marc.info/?l=bugtraq&m=122479227205998&w=2 http://secunia.com/advisories/32249 http://www.securityfocus.com/bid/31647 http://www.securitytracker.com/id?1021049 http://www.us-cert.gov/cas/techalerts/TA08-288A.html http://www.vupen.com/english/advisories/2008/2814 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-063 https://exchange.xforce.ibmcloud.com/vulnerabilities/45560 https://exchange.xforce.ibmcloud.com/vulnerabilities/45561 https://oval.cis • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •