CVE-2008-4020

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which renders the content instead of raising a File Download dialog box, aka "Vulnerability in Content-Disposition Header Vulnerability."

🔗 References (24)

secure@microsofthttp://jvn.jp/en/jp/JVN55410403/index.html
secure@microsofthttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000070.html
secure@microsofthttp://marc.info/?l=bugtraq&m=122479227205998&w=2
secure@microsofthttp://secunia.com/advisories/32138
secure@microsofthttp://www.securityfocus.com/bid/31693
secure@microsofthttp://www.securitytracker.com/id?1021045
secure@microsofthttp://www.us-cert.gov/cas/techalerts/TA08-288A.html
secure@microsofthttp://www.vupen.com/english/advisories/2008/2807
secure@microsofthttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-056
secure@microsofthttps://exchange.xforce.ibmcloud.com/vulnerabilities/45546
secure@microsofthttps://exchange.xforce.ibmcloud.com/vulnerabilities/45550
secure@microsofthttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5969
af854a3a-2127-422b-91ae-364da2661108http://jvn.jp/en/jp/JVN55410403/index.html
af854a3a-2127-422b-91ae-364da2661108http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000070.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122479227205998&w=2

Is Your Infrastructure Affected by CVE-2008-4020?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-4020

📅 Published

🔄 Last Modified

🔗 References (24)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-4020?