Vulnerability CVE-2008-4029 - CERT Civis.Net

Vulnerability Name:

CVE-2008-4029 (CCN-45554)

Assigned:

2008-11-11

Published:

2008-11-11

Updated:

2019-02-26

Summary:

Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer, allows remote attackers to obtain sensitive information from another domain via a crafted XML document, related to improper error checks for external DTDs, aka "MSXML DTD Cross-Domain Scripting Vulnerability."

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.4 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2008-4029

Source: HP
Type: UNKNOWN
SSRT080164

Source: CCN
Type: SECTRACK ID: 1021164
Microsoft XML Core Services (MSXML) Bugs Let Remote Users Obtain Information and Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1021164

Source: CCN
Type: ASA-2008-438
MS08-069 Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

Source: CCN
Type: NORTEL BULLETIN ID: 2008009187, Rev 1
Nortel Response to Microsoft Security Bulletin MS08-069

Source: CCN
Type: Microsoft Security Bulletin MS12-043
Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)

Source: CCN
Type: Microsoft Security Bulletin MS13-002
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (2756145)

Source: CCN
Type: Microsoft Security Bulletin MS14-005
Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036)

Source: CCN
Type: Microsoft Security Bulletin MS14-067
Vulnerability in XML Core Services Could Allow Remote Code Execution

Source: CCN
Type: Microsoft Security Bulletin MS15-084
Vulnerabilities in XML Core Services Could Allow Information Disclosure (3080129)

Source: CCN
Type: Microsoft Security Bulletin MS16-040
Security Update for Microsoft XML Core Service (3148541)

Source: CCN
Type: Microsoft Security Bulletin MS17-022
Security Update for Microsoft XML Core Services (4010321)

Source: CCN
Type: Microsoft Security Bulletin MS14-033
Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061)

Source: CCN
Type: Microsoft Security Bulletin MS08-069
Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218)

Source: CCN
Type: Microsoft Security Bulletin MS10-051
Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403)

Source: BID
Type: Patch
32155

Source: CCN
Type: BID-32155
Microsoft XML Core Services DTD Cross Domain Information Disclosure Vulnerability

Source: CERT
Type: US Government Resource
TA08-316A

Source: VUPEN
Type: UNKNOWN
ADV-2008-3111

Source: MS
Type: UNKNOWN
MS08-069

Source: XF
Type: UNKNOWN
msxml-dtd-information-disclosure(45554)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5999

Vulnerable Configuration:

Configuration 1:

cpe:/a:microsoft:internet_explorer:*:*:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows_2000:sp4:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*

OR cpe:/o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:sp1:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:*:professional_x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:-:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:microsoft:xml_core_services:3.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:xml_core_services:4.0:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:*

AND

cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:2003_server:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:2003_server:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:*

OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:5999	V	MSXML DTD Cross-Domain Scripting Vulnerability	2008-12-29