ID and Rating

Description

Details

Intrusion Protection System (IPS) Response

Other Detections

CAN/CVE ID:

CVE-2007-0099

BID:

21872

Microsoft ID:

MS08-069

MSKB:

955218

Microsoft Rating:

Critical

Internet Explorer (IE) MSXML3 Race Condition Memory Corruption Vulnerability

Remote Code Execution Vulnerability

This vulnerability affects the following products:

XML Core Services 3.0

This is a previously public vulnerability in Microsoft XML Core Services disclosed on January 4, 2007 and documented in BID 21872.

The problem occurs when rendering 'XML' documents that contain an excessive amount of nested tags and are displayed in an 'IFRAME'. If the rendering process is repeatedly disrupted with a JavaScript timer forcing the page to reload every 50-100 milliseconds, the application becomes corrupted and the vulnerability is triggered.

Attackers can exploit this issue to execute arbitrary machine code in the context of the vulnerable application.

Failed exploit attempts will cause denial of service conditions.

Sig ID: N/A

AV:

N/A

Sygate IDS:

N/A

CAN/CVE ID:

CVE-2008-4029 

BID:

32155

Microsoft ID:

MS08-069

MSKB:

955218

Microsoft Rating:

Important

MSXML DTD Cross-Domain Scripting Vulnerability

Information Disclosure Vulnerability

This vulnerability affects the following products:

XML Core Services 3.0

XML Core Services 4.0

A cross-domain information disclosure vulnerability affects Microsoft XML Core Services due to how it handles error checks for external document type definitions (DTDs).

An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malicious web page.

A successful attack will result in the disclosure of potentially sensitive information from other domains.

Information obtained may aid in further attacks.

Sig ID: N/A

AV:

N/A

Sygate IDS:

N/A

CAN/CVE ID:

CVE-2008-4033

BID:

32204

Microsoft ID:

MS08-069

MSKB:

955218

Microsoft Rating:

Important

MSXML Chunked Request Vulnerability

Information Disclosure Vulnerability

This vulnerability affects the following products:

XML Core Services 3.0

XML Core Services 4.0

XML Core Services 5.0

XML Core Services 6.0

A cross-domain information disclosure vulnerability affects Microsoft XML Core Services due to how it handles transfer-encoding headers.

An attacker can exploit this issue by tricking an unsuspecting victim into viewing malicious web page.

A successful attack will result in the disclosure of potentially sensitive information from other domains.

Information obtained may aid in further attacks.

Sig ID: N/A

AV:

N/A

Sygate IDS:

N/A

CAN/CVE ID:

CVE-2008-4037

BID:

7385

Microsoft ID:

MS08-068

MSKB:

957097

Microsoft Rating:

Important

SMB Credential Reflection Vulnerability

Remote Code Execution Vulnerability

This vulnerability affects the following products:

Microsoft Windows 2000 SP4

Windows XP SP2

Windows XP SP3

Windows XP Professional x64 Edition

Windows XP Professional x64 Edition SP2

Windows Server 2003 SP1

Windows Server 2003 SP2

Windows Server 2003 x64 Edition

Windows Server 2003 x64 Edition SP2

Windows Server 2003 SP1 for Itanium-based Systems

Windows Server 2003 SP2 for Itanium-based Systems

Windows Vista

Windows Vista SP1

Windows Vista x64 Edition

Windows Vista x64 Edition SP1

Windows Server 2008 for 32-bit Systems

Windows Server 2008 for x64-based Systems

Windows Server 2008 for Itanium-based Systems

This is a previously documented remote code-execution vulnerability affecting the Microsoft Server Message Block (SMB) protocol.

The problem occurs because of how SMB handles NTLM credentials.

Specifically, if an attacker can trick a victim into connecting to a malicious SMB server, the attacker can reflect the victim’s credentials back, and gain access to the victim’s computer in the context of the currently logged-in user.

Sig ID: N/A

AV:

N/A

Sygate IDS:

N/A