危険度:
  CVE識別番号: CVE-2008-4033
  情報公開日: 7 21, 2015

  概要

Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability."

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1003012
  Trend Micro Deep Security DPI Rule Name: 1003012 - MSXML Header Request Vulnerability

  影響を受けるソフトウェア

  • Microsoft 20007_Office_System sp1
  • Microsoft Expression_web 2
  • Microsoft Office 2003
  • Microsoft Office_compatibility_pack_for_word_excel_ppt_2007
  • Microsoft Office_groove_server 2007
  • Microsoft Office_sharepoint_server 2007
  • Microsoft Word_Viewer 2003