Fixlet Site - VulnerabilitiestoWindowsSystems
Current Version: 142	Published: Tue, 25 Nov 2008 18:44:19  GMT

New Fixlets:
============

***************************************************************
Title: MSXML Memory Corruption Vulnerability
Severity: High
Fixlet ID: 579301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5793.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0099
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer 6 and other applications, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via many nested tags in an XML document in an IFRAME, when synchronous document rendering is frequently disrupted with asynchronous events, as demonstrated using a JavaScript timer, which can trigger NULL pointer dereferences or memory corruption, aka "MSXML Memory Corruption Vulnerability."

***************************************************************
Title: MSXML Header Request Vulnerability
Severity: Medium
Fixlet ID: 584701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5847.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4033
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability."

***************************************************************
Title: MSXML DTD Cross-Domain Scripting Vulnerability
Severity: Medium
Fixlet ID: 599901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval5999.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4029
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet Explorer, allows remote attackers to obtain sensitive information from another domain via a crafted XML document, related to improper error checks for external DTDs, aka "MSXML DTD Cross-Domain Scripting Vulnerability."

***************************************************************
Title: SMB Credential Reflection Vulnerability
Severity: High
Fixlet ID: 601201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval6012.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4037
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability."  NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.