Oval Definition:	oval:org.mitre.oval:def:5999
Revision Date: 2008-12-29 Version: 42 Title: MSXML DTD Cross-Domain Scripting Vulnerability Description: Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer, allows remote attackers to obtain sensitive information from another domain via a crafted XML document, related to improper error checks for external DTDs, aka "MSXML DTD Cross-Domain Scripting Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2008-4029 Platform(s): Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP Product(s): Definition Synopsis the installed operating system is part of the Microsoft Windows family AND Microsoft XML Core Services 3 is installed AND msxml3.dll version is less than 8.100.1048.0 Microsoft XML Core Services 4 is installed AND msxml4.dll version is less than 4.20.9870.0
BACK