Release DateNov 14, 2008 |
Severitymedium |
ImpactInformation disclosure |
DescriptionThis indicates a possible attempt to exploit an information disclosure vulnerability in Microsoft XML Core Services, which is caused by its way of handling error checks for external document type definitions. The vulnerability could lead to information disclosure or cross-domain attacks. |
Affected ProductsMSXML versions prior to v6 |
Recommended ActionsApply the patch, available from the vendor's web site: http://www.microsoft.com/technet/security/Bulletin/MS08-069.mspx. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2008-4029 |
Reference/shttp://technet.microsoft.com/en-us/security/bulletin/ms08-069.mspx (MS-ID) |