Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2008-11-12T23:00:00

Updated: 2024-08-07T10:00:42.312Z

Reserved: 2008-09-10T00:00:00

Link: CVE-2008-4033

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2008-11-12T23:30:02.727

Modified: 2024-11-21T00:50:43.710

Link: CVE-2008-4033

cve-icon Redhat

No data.